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m  EDITOR’S  NOTE 

Don  Tennant 


Anachronism 


IT  JUST  doesn’t  seem  all  that  long  ago  that  we  technol¬ 
ogy  journalists  were  writing  about  the  “information 
superhighway.”  It  seems  impossible  that  it’s  been  a  full 
11  years  since  I  was  talking  about  the  route  of  that  re¬ 
markable  thoroughfare  with  Oracle  CEO  Larry  Ellison. 


It  was  January  1997,  and 
I’d  asked  Ellison  to  reveal 
the  dumbest  business  deci¬ 
sion  he’d  made  in  the  past 
two  years. 

“Probably  not  getting 
into  the  Internet  soon 
enough,”  Ellison  replied.  “I 
guess  Microsoft,  Oracle,  a 
lot  of  us  were  distracted  by 
video-on-demand  and  the 
information  superhighway. 
That  obscured  the  impor¬ 
tance  of  the  Internet.” 

Back  then,  information 
superhighway  was  the  gee- 
whiz  term  that  we  journal¬ 
ists  applied  to  the  Internet 
for  the  sake  of  catchier 
headlines  and  that  the  dot¬ 
com  pioneers  were  using 
for  the  sake  of  a  bubblier 
bubble.  So  Ellison’s  point 
was  a  valid  one  —  the  in¬ 
herent  business  value  of 
the  Internet  was  overshad¬ 
owed  by  a  wow  factor  that 
identified  the  Internet  with 
information  delivery  rather 
than  as  a  new  approach  to 
implementing  information 
technology. 

In  those  days,  the  In¬ 
ternet  was  an  entity  unto 
itself.  I  was  working  at 
the  Hong  Kong  edition  of 
C-omputerworld  at  the  time, 
and  I  remember  launching 
Cyber  World  (don’t  laugh 


—  that  was  cool  stuff  in 
the  mid-’90s),  a  monthly 
supplement  that  covered 
the  emergence  of  the  Web, 
browsers,  intranets,  e-mail 
services  and  the  like.  By 
the  time  I  left  Hong  Kong 
in  early  2000,  we  had  fold¬ 
ed  it  simply  because  the 
Internet  was  so  entrenched 
in  IT  and  in  business  op¬ 
erations  that  it  no  longer 
made  sense  to  position  it  as 
a  separate  coverage  area. 

It  was  a  natural  evolu¬ 
tion,  and  one  that  was 
consistent  with  the  way  IT 
has  evolved  over  time.  But 
evolution  is  an  emotional 
topic  for  a  lot  of  people,  as 
reader  reaction  to  a  story 
posted  on  our  Web  site  last 
week  demonstrates. 

That  story,  which  is  what 
reminded  me  of  the  inter¬ 
view  with  Ellison  all  those 
years  ago,  is  Julia  King’s 
piece  “IT  Career  Paths  You 
Never  Dreamed  Of.” 

■  The  Internet 
didn’t  disappear 
when  it  became 
embedded  in  the 
business,  and 
neither  will  the 
IT  profession. 


The  premise  of  the  story 
is  that  IT  job  functions  are 
changing,  and  that  some 
forward-thinking  compa¬ 
nies  are  changing  job  titles 
and  expectations  to  reflect 
that  reality.  For  example, 
King  reports  that  Comput¬ 
er  Sciences  Corp.  is  chang¬ 
ing  the  way  it  places  some 
of  its  IT  workers  within 
client  companies,  and  that 
according  to  CSC  CIO 
David  McCue,  the  industry 
will  “see  new  and  made-up 
titles  come  about.” 

“The  traditional  IT 
department  is  beginning 
to  morph  into  a  series  of 
individuals  who  are  com¬ 
fortable  using  technology 
and  who  know  its  inherent 
characteristics,”  he  says. 
“They  are  becoming  em¬ 
bedded  into  the  businesses 
as  technology  mentors.” 

Similarly,  Patti  Dodgen, 
vice  president  at  Mosaica 
Partners,  stresses  that 
technical  skills  alone  don’t 
cut  it.  “IT  is  no  longer  a 
subset  specialty,”  Dodgen 
says.  “IT  is  integrated  into 
whatever  work  you’re  try¬ 
ing  to  get  done.” 

King  makes  it  clear  that 
just  as  the  Internet  didn’t 
disappear  when  it  became 
embedded  in  IT  and  the 
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business,  changing  titles 
and  embedding  the  IT 
function  in  the  business 
doesn’t  infer  the  disap¬ 
pearance  of  IT  as  a  career 
path.  Yet  that  wasn’t 
enough  to  comfort  some 
readers  who  were  clearly 
angered  by  the  article. 

“More  bean-counter  BS,” 
one  reader  fumed.  “Again, 
wishful  thinking  on  the 
part  of  business  types  [who] 
believe  that  all  people  can 
be  morphed  into  some  ver¬ 
sion  of  themselves.  Never 
going  to  happen.” 

“Another  in  a  long  series 
of  articles  about  the  demise 
of  the  IT  profession,”  wrote 
another,  missing  the  point 
entirely.  The  IT  profession 
isn’t  heading  toward  its  de¬ 
mise.  Rather,  IT  as  a  pro¬ 
fession  independent  of  the 
business  is  heading  toward 
anachronism. 

In  any  event,  it’s  under¬ 
standable  that  wrapping 
your  head  around  what 
likely  lies  ahead  is  difficult, 
because  it’s  tough  for  even 
the  most  successful  among 
us.  During  that  1997  inter¬ 
view,  I  also  asked  Ellison 
what  he  considered  to  be 
his  smartest  decision  in 
the  past  two  years. 

“I  suppose  the  introduc¬ 
tion  of  the  NC  —  network 
computer  architecture,”  he 
replied. 

Enough  said.  ■ 

Don  Tennant  is  editorial 
director  of  Computerworld 
and  InfoWorld.  Contact 
him  at  don_tennant@ 
computerworld.com,  and 
visit  his  blog  at  http:// 
blogs.computerworld. 
com/tennant. 
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_DAY  75:  These  cables  are  everywhere!!  Connecting 
underutilized  servers  to  more  underutilized  servers. 
Our  energy  usage  is  out  of  control!! 


Powerful. 

Efficient. 


_DAY  77:  I  found  a  way  out  of  this  mess:  the  super¬ 
efficient  IBM  BladeCenterf  It  helps  us  manage  power 
and  cooling  usage  with  intelligent  Cool  Blue™ 
technology.  And  with  the  latest  Quad-core  Intel®  Xeon® 
processor,  we  won’t  have  to  sacrifice  performance  for 
efficiency.  So  out  with  cables,  in  with  blades. 

_DAY  79:  Gil’s  stuck  under  the  ball.  Tried  calling  his  wife. 
Turns  out  the  photo  of  his  family  came  with  the  frame. 
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■  LETTERS 

The  Real  Story  on  Telecom  Deregulation 


Broadband  access  wasn’t  deregu¬ 
lated  in  1996,  as  Robert  Mitchell 
contends  [“Keeping  a  Lid  on  Broad¬ 
band,”  Opinion,  Jan.  28],  We  didn’t 
get  real  deregulation  until  2005,  and 
it  is  just  now  bearing  fruit. 

The  1996  Telecom  Act  relaxed 
rules  on  long-haul  communications 
and  long-distance  voice  service  but 
re-regulated  most  last-mile  services 
and  broadband  technologies.  The 
result  was  a  dramatic  expansion  of 
intercity  national  and  international 
capacity  but  a  relative  slowdown  in 
broadband  investment.  The  result 
was  a  “fiber  glut,”  where  patheti¬ 
cally  thin  last-mile  tributaries  could 
not  generate  enough  data  to  fill  the 
newly  deregulated,  capacious  core 
of  the  network. 

But  that  was  the  story  five  to  seven 
years  ago.  Today,  freed  from  the  old 
restrictions,  U.S.  broadband  build¬ 
outs  are  now  booming. 

Decisions  by  the  FCC  and  the 
courts  in  2003, 2005  and  2006  re¬ 
laxed  or  eliminated  most  last-mile 
broadband  regulation.  Some  work 
remains  at  the  state  utility  com¬ 
mission  level.  But  today,  Verizon 
is  investing  $23  billion  in  new 


fiber-to-the-home  links.  AT&T  is 
spending  billions  more  on  fiber-to- 
the-neighborhood  and  greenfield 
FTTH.  These  networks  will  offer 
broadband  services  between  10  and 
50Mbit/sec.  Exactly  Mitchell’s  wish. 

Cable  companies  —  whose  broad¬ 
band  services  were  always  mostly 
unregulated  and  thus  gained  the 
broadband  lead  versus  telecom 
—  will  have  to  respond  in  kind.  As 
Verizon  and  AT&T  leapfrog  cable’s 
broadband  speeds  of  around  6Mbit/ 
sec.,  cable  will  have  to  transfer 
more  and  more  of  its  generous  net¬ 
work  capacity  from  TV  program¬ 
ming  to  broadband  service.  Already, 
we  are  seeing  cable  systems  offer 
15  or  even  30Mbit  service.  Within  a 
year  or  two,  millions  of  Americans 
will  have  access  to  broadband  every 
bit  as  good  as  world  leaders  Korea 
and  Hong  Kong. 

We  are  in  the  midst  of  the  broad¬ 
band  build-out  we’ve  all  been  wait¬ 
ing  for.  The  prescriptions  advocated 
by  Mitchell  could  once  again  bring 
broadband  to  a  screeching  halt. 

■  Bret  Swanson,  director,  Center  for 
Global  Innovation,  the  Progress  & 
Freedom  Foundation,  Washington 
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ers.  So  why 
haven’t  they 
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enterprise? 
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_DAY  74:  This  is  so  complicated.  We’re  spending  all  our 
time  and  money  managing  our  boxes.  Gil  says  he  has  a 
big  idea  for  how  to  better  manage  our  x86  environment. 

.Gil’s  big  idea:  sheepdogs... says  they  work  for  biscuits. 


.DAY  75:  I  just  wrangled  up  the  scalable  IBM  System  x3950. 
Its  IBM  X3  Architecture  and  IBM  Systems  Director  make 
it  one  of  the  most  reliable  and  economical  platforms  for 
x86-based  virtualization.  Managing  our  servers  and  storage 
is  a  snap.  And  with  Dual-Core  Intel®  Xeon®  processors,  the 
System  x™  servers  will  run  lightning  fast. 


.IBM  System  x.  My  new  best  friend. 


Purchase  a  System  x  and  get  a  3-month  trial  of  VMware’  VI3* 
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SOFTWARE 

Microsoft  Pledges  to 
Share  APIs,  Protocols 
With  Outside  Developers 


ICROSOFT  CORP. 
last  week  publicly 
released  more  than 
30,000  pages  of  documenta¬ 
tion  for  its  Windows  com¬ 
munications  protocols,  the 
first  in  a  series  of  steps  it 
plans  to  take  to  provide 
more  interoperability  capa¬ 
bilities  to  rival  vendors  and 
open-source  developers. 

In  announcing  a  new  set 
of  “interoperability  prin¬ 
ciples,”  Microsoft  promised 
to  publish  the  details  of  all 
the  APIs  and  protocols  that 
its  own  products  use  to  inte¬ 
grate  with  Windows  Vista, 
Windows  Server  2008,  SQL 


Server  2008,  Office  2007 
and  the  current  releases  of 
Exchange  Server  and  Office 
SharePoint  Server. 

Previously,  Microsoft 
made  its  APIs  and  protocols 
available  only  under  trade- 
secret  licenses.  Now,  the 
vendor  said,  developers  no 
longer  need  to  sign  licenses 
or  pay  royalties  to  access 
and  use  the  documentation. 

Ray  Ozzie,  the  company’s 
chief  software  architect, 
said  during  a  press  briefing 
that  the  changes  will  let 
outside  developers  use  “the 
same  means  as  Microsoft 
does  in  its  own  products.” 
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THE  WEEK  AHEAD 

MONDAY:  Digg  is  due  to  hold  the  first  in  a  series  of  virtual 
“town  hall”  meetings  designed  to  give  users  a  chance  to  voice 
concerns  about  the  operation  of  its  news-ranking  Web  site. 

TUESDAY:  IBM  is  scheduled  to  announce  a  new  mainframe 
in  New  York.  The  debut  coincides  with  a  conference  being 
held  in  Orlando  by  the  mainframe-oriented  Share  user  group. 

WEDNESDAY:  Microsoft  launches  Windows  Server  2008, 
SQL  Server  2008  and  Visual  Studio  2008  in  Los  Angeles. 


Vista  SP1 
Precursor 
Gets  Booted 


But  the  new  approach 
wasn’t  completely  volun¬ 
tary:  Microsoft  acknowl¬ 
edged  that  the  announce¬ 
ment  was  part  of  its  effort  to 
comply  with  the  European 
Commission’s  2004  anti¬ 
trust  ruling,  after  a  Europe¬ 
an  court  rejected  its  appeal 
of  the  ruling  last  September. 

Nonetheless,  Allan  Krans, 
an  analyst  at  Technology 
Business  Review,  said  that 
the  increased  openness  is  “a 
big  shift”  for  Microsoft. 

“This  is  the  new  Micro¬ 
soft,”  noted  Chris  Swenson, 
an  analyst  at  The  NPD  Group 
Inc.  “They  really  are  chang¬ 
ing.”  But,  he  added,  “no  one 
is  going  to  give  them  credit 
for  it”  because  of  the  vendor’s 
previous  business  practices. 

As  if  to  confirm  that, 
Directions  on  Microsoft 
analyst  Michael  Cherry  said 
that  although  the  new  plan 
looks  “pretty  good”  on  the 
surface,  a  deeper  judgment 
can’t  be  made  until  external 
developers  start  examining 
the  documentation. 

Microsoft  also  promised 
that  it  won’t  sue  open- 
source  developers  for  dis¬ 
tributing  its  protocols  in 
noncommercial  products. 
And  the  company  said  it 
will  craft  new  APIs  to  en¬ 
able  file  formats  other  than 
its  own  Office  Open  XML 
to  be  used  with  Office  2007, 
even  as  the  default  choice 
for  saving  documents. 

—  Gregg  Keizer 


After  users  flooded  its  Tech- 
Net  support  forums  with 
reports  of  endlessly  reboot¬ 
ing  PCs,  Microsoft  Corp. 
last  week  pulled  an  update 
designed  to  prep  Windows 
Vista  for  Service  Pack  1. 

By  Friday,  Microsoft  had 
posted  some  work-arounds 
for  the  endless-reboot  prob¬ 
lem  on  its  support  Web  site. 
However,  the  company  had 
not  yet  issued  a  revamped 
update  with  a  built-in  fix. 

“So  far,  we’ve  been  able  to 
determine  that  this  problem 
only  affects  a  small  number 
of  customers  in  unique 
circumstances,”  said  Nick 
White,  a  Windows  Vista 
program  manager,  in  a  blog 
post.  He  added  that  a  fix 
was  in  the  works. 

A  Microsoft  spokeswoman 
said  the  snafu  won’t  affect 
plans  to  offer  SP1  to  most 
users  next  month,  or  to  start 
automatically  installing  it  on 
PCs  by  mid-April. 

-  GREGG  KEIZER 


H  Although  Microsoft 
said  the  glitch  affected 
only  a  “small”  number 
of  users,  traffic  on  the 
TechNet  Vista  SP1  forum 
has  been  heavy  -  one 
thread  had  been  viewed 
more  than  48,000  times 
by  last  Friday. 


1  f-Ar.ii- 


.INFRASTRUCTURE  LOG 


.DAY  56:  Our  voice  and  data  networks  are  out  of  control. 
Nothing’s  integrated.  We  have  to  use  different  devices 
for  different  things.  Gil’s  had  enough. 

.He’s  welding  every  device  in  the  office  together  with 
a  blowtorch.  He  calls  it  “The  Unifier.” 

.DAY  57:  Took  back  control  with  a  Unified  Communications 
and  Collaboration  (UC2tm)  strategy  from  IBM.  We  integrated 
everything  to  give  us  real-time  access  on  any  device.  The 
IBM  Lotus®  Sametime®  platform  combines  IP  Telephony,  Web, 
videoconferencing  and  more  into  a  single  interface.  Whoa. 

.Now  we’re  working  fast,  for  less,  and  without  safety  goggles. 


II  '■ 


IBM,  the  IBM  logo,  Lotus,  UC2,  Sametime  and  Take  Back  Control  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  andOr  other  countries. 
©2008  IBM  Corporation.  All  rights  reserved.  Lotus  Sametime  offers  Voice  over  IP  corrimunications  within  the  enterprise  ..Third-party  offerings  are  available  to  integrate  IP  Telephony  with  Lotus  Sametime. 
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LEGAL  ISSUES 

Federal  Court  Shutters 
Whistle-blower  Web  Site 


A  FEDERAL  JUDGE  last 
week  shut  down  a 
controversial  Web 
site  in  the  U.S.  that  allows 
whistle-blowers  to  post 
corporate  and  government 
documents  online  anony¬ 
mously.  The  Wikileaks.org 
site  remains  online  in  Bel¬ 
gium  and  Germany. 

The  order  was  in  re¬ 
sponse  to  a  complaint  filed 
earlier  this  month  by  a 
Swiss  banking  firm,  Julius 
Baer  Group,  against  the  site 
and  its  domain  name  regis¬ 
try,  Dynadot  LLC. 

Federal  Judge  Jeffrey 
White  issued  two  perma¬ 
nent  injunctions,  one  order¬ 
ing  Dynadot  to  immediately 
disable  the  Wikileaks.org 
domain  name  and  a  second 
requiring  Dynadot  to  im¬ 
mediately  clear  and  remove 
all  DNS  hosting  records  for 
the  domain  name. 

In  a  posting  on  its  site, 
Wikileaks  called  the  order 
“clearly  unconstitutional” 
and  said  that  it  exceeded 
the  jurisdiction  of  the 
court.  The  statement  also 
contended  that  Wikileaks 


The  serious 
defamatory 
allegations  are 
based  on  forged 
and  stolen  docu¬ 
ments  and  are  un¬ 
equivocally  denied. 

MARTIN  S0M0GYI, 

SPOKESMAN. 

JULIUS  BAER  GROUP 


had  little  notice  of  the  San 
Francisco  court  hearing 
and  had  no  representation. 

According  to  Wikileaks, 
the  documents  posted  on 
the  site  showed  that  the 
Zurich-based  bank  was  in¬ 
volved  in  offshore  money¬ 
laundering  and  tax  evasion 
activities  for  customers. 

In  its  complaint,  Julius 
Baer  Group  claimed  that 
the  documents  were  il¬ 
legally  obtained,  are 
confidential  and  contain 
copyrighted  information. 


Martin  Somogyi,  a  spokes¬ 
man  for  the  bank,  added 
that  the  “allegations  are 
based  on  forged  and  stolen 
documents  and  are  un¬ 
equivocally  denied.” 

Privacy  and  civil  rights 
advocates  were  critical 
of  the  court’s  decision  to 
permanently  shut  down  an 
entire  Web  site  because  of 
a  complaint  about  a  small 
part  of  it.  “It’s  contrary  to 
any  interpretation  of  First 
Amendment  law,”  said  Da¬ 
vid  Ardia,  director  of  the 
Citizen  Media  Law  Project 
at  Harvard  Law  School. 

A  fairer  outcome  would 
have  been  for  the  court  to 
order  Wikileaks  to  remove 
only  the  offending  docu¬ 
ments,  and  perhaps  assess 
monetary  damages  if  the 
site  had  been  in  violation  of 
copyright,  privacy  or  other 
laws,  Ardia  said. 

Marc  Rotenberg,  execu¬ 
tive  director  of  the  Elec¬ 
tronic  Privacy  Information 
Center  in  Washington,  said 
that  from  a  technology 
perspective,  “there  is  no 
meaningful  way  the  courts 
can  restrict  the  dissemina¬ 
tion  of  this  information  on 
the  Web.” 

—  Elizabeth  Montalbano, 
IDG  News  Service,  and 
Jaikumar  Vijayan 


aBHHBHHM 

DEVELOPMENT 


Microsoft  to  Give  Away 
.Net  Tools  to  Students 


FOR  JAKE  RAStLE,  a  computer 
science  major  at  the  University 
of  Akron  in  Ohio,  being  an  out¬ 
spoken  fan  of  Microsoft  Corp.’s 
development  tools  sometimes 
feels  as  lonely  as  being  a  young 
Republican  -  which  he  also  is. 

Basils,  a  sophomore,  has  only 
one  class  this  semester  that 
uses  Microsoft’s  .Net  framework 
and  Visual  Studio  tools.  The  rest 


are  Java  classes,  he  said. 

Microsoft’s  standing  on 
college  campuses  has  been 
eroded  by  a  combination  of 
open-source  tools  and  Adobe 
Systems  Inc.’s  Web  design 
software.  Now  the  company  is 
trying  to  fight  back  by  making 
some  of  its  key  products  avail¬ 
able  free  of  charge  to  students 
in  the  IJ.S.,  Canada,  China  and 


What’s  Up  for  Grabs 
By  Students 

«  Professional  editions  of 
Visual  Studio  2005  and  2008 

8  XNA  Game  Studio  2.0 
(for  game  design) 

dM  Mt  ■*%  vR  XT*  *•>  -1*.  Mtf  W  ««  WMOtNMMalWW 

»  Expression  Studio 
(Web  design  suite) 

.  ^  Ml  *.*»  ».*«•«*  *  «>  M>  N*  «l  .«  »*•  M  ' 

s  Windows  Server  2003 
Sta_ndardEdjtjon_ _ _ 

8  SQL  Server  2005 
Developer  Edition 

eight  European  countries. 

Via  a  new  program  called 
DreamSpark,  students  will  be 
able  to  download  the  Profes- 


Short 

Takes 

Chrysler  LLC  has  award¬ 
ed  an  outsourcing  contract 

to  Tata  Consultancy  Ser¬ 
vices  Ltd.,  consolidating 
IT  services  now  handled 
by  separate  providers. 

Tata  will  be  responsible  for 
maintaining  dealers’  online 
vehicle  ordering  systems 
and  Chrysler’s  dealer  and 
brand  Web  sites. 

EMC  Corp.  has  ac¬ 
quired  Pi  Corp ,  a  maker 
of  personal  information 
management  tools.  Pi  is 
headed  by  Paul  Maritz,  a 
former  top  Microsoft  ex¬ 
ecutive.  Terms  of  the  deal 
were  not  disclosed. 

Sybase  Inc.  has 

launched  a  cluster  version 
of  its  Adaptive  Server  da¬ 
tabase,  taking  on  the  likes 
of  Oracle’s  Real  Applica¬ 
tion  Clusters.  The  Enter¬ 
prise  Cluster  Edition  uses 
shared-disk  clustering, 
which  allows  application 
workloads  to  be  balanced 
among  instances. 

EMC  has  hired  former 
BearingPoint  Inc.  CEO 

Harry  You  to  serve  as 
executive  vice  president, 
office  of  the  chairman. 

He  reports  to  Joe  Tucci, 
EMC’s  chairman,  presi¬ 
dent  and  CEO. 


sional  editions  of  Visual  Studio 
2008  and  its  Visual  Studio 
2005  predecessor,  as  well  as 
three  other  products. 

Both  vendor  and  students 
may  benefit,  said  Chris  Swen¬ 
son,  an  analyst  at  The  NPD 
Group  Inc.  “It  looks  good  for 
a  student  to  be  able  to  put  on 
his  rdsumd  that  he’s  using  the 
full  version  of  Visual  Studio,” 
Swenson  said.  “And  how  much 
money  was  Microsoft  really 
getting  from  students?” 

-  ERIC  LAI 


10  COMPUTlERWOltlD  FEBRUARY  25,  2008 


solid  state  reliability 


SAMSUNG 

FlashSSD 


Samsung  Solid  State  Drive 

all-Flash  drives  available 
in  notebooks  and  consumer  electronics 

weight  (2.5”  SATA-II  SSD)  73g 

endurance  (MTBF")  >  2  million  hours 


Introducing  the  new  Samsung  Flash  Solid  State  Drive  (SSD). 

No  moving  parts,  except  some  hardworking  electrons.  A  Mean  Time 
Between  Failures  (MTBF)  almost  three  times  longer  than  a  hard  drive. 
Exceptional  shock  resistance.  And  power  use  that  extends  battery 
life  up  to  20%.  With  a  Samsung  SSD  inside  your  notebook,  your 
data  is  always  there  when  you  need  it. 


shock  resistance  1 500G  /  0.5ms 

read  speed  1 00MB  /  s 


www.samsungssd.com 


write  speed  80MB /s 

active  power  consumption  1 W 

operating  temperature  -25C  -  85C 


*Mean  Time  Between  Failures 
©  2008  Samsung.  All  rights  reserved. 
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BETWEEN  THE  LINES 


By  John  Klossner 


SECURITY 

White  House  Flap  Sheds 
Light  on  E-mail  Backup 


STORAGE  EXPERTS  and 
users  say  recent  legal 
issues  surrounding 
missing  White  House 
e-mails  should  help  convince 
IT  managers  of  the  need  to 
improve  e-mail  backup  and 
archiving  policies. 

Justin  Jongbloedt,  senior 
Microsoft  infrastructure 
engineer  at  St.  Paul,  Minn.- 
based  retailer  Gander 
Mountain  Co.,  said  such 
high-profile  e-mail  ar¬ 
chiving  and  backup  gaffes 
can  serve  as  a  good  measur¬ 
ing  stick  for  organizations. 

“Learning  from  lessons  is 
pretty  much  what  it  comes 
down  to,”  said  Jongbloedt. 

“It  allows  our  lawyers  to 
look  at  that  and  see  what 
[problems  other]  people 
are  running  into  instead  of 
making  your  own  mistakes.” 

A  watchdog  group  last 
year  sued  the  White  House 
in  an  effort  to  gain  access 
to  e-mail  that  officials  said 
was  lost.  A  federal  judge  this 
month  ruled  that  the  group, 
Citizens  for  Responsibility 
and  Ethics  in  Washington, 
can  question  White  House 
officials  in  an  effort  to  find 
the  missing  e-mail. 

Mike  Osterman,  president 
of  Black  Diamond,  Wash.- 


based  Osterman  Research 
Inc.,  said  many  businesses 
do  not  have  adequate  e-mail  J 
archiving  and  policy-based 
data-retention  processes 
because  they  mistakenly 
believe  that  e-mail  is  not  a 
business  record. 

The  White  House  lawsuit  1 
“should  wake  people  up  to 
what  could  happen  if  you 
don’t  save  e-mail  appropri¬ 
ately.  It’s  a  good  shot  across 
the  bow  and  a  very  good 
lesson  for  senior  managers,” 
he  added. 

Osterman  suggested  that 
IT  managers  should  outline 
the  retention  responsibili¬ 
ties  of  each  corporate  unit 
by  defining  business  infor¬ 
mation  and  listing  how  long  | 
it  should  be  stored. 

—  Brian  Fonseca  i 


Global . 
Dispatches 

U.K.  Probes  Thefts 
Of  Military  Laptops 

LONDON- The  U.K.  Ministry 
of  Defence  last  week  launched 
an  inquiry  into  the  loss  of  two 
laptop  computers  containing 
unencrypted  personal  details. 

The  ministry  discovered  the 
loss  of  the  two  laptops  during 
an  investigation  into  the  theft 
earlier  this  year  of  a  laptop 
from  an  officer  in  the  Royal 
Navy.  That  laptop  contained  in¬ 
formation  on  600,000  people. 

The  current  probe  is  looking 
into  the  2006  theft  of  a  Royal 
Navy  laptop  that  contained 
personal  data  on  500  people, 
as  well  as  the  disappearance 
of  a  computer  from  an  army 
recruiting  office  in  Edinburgh 
in  2005,  said  Des  Brown,  the 
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AT&T  Inc.  and  Verizon 
Wireless  both  shut  down 
their  analog  cellular  net¬ 
works,  marking  the  sunset 
of  that  technology,  which 
has  been  superseded  by 
digital  networks. 

Several  weeks  after  giving 
Netscape  Navigator  a  one- 
month  support  reprieve, 


A0L  LLC  released  a  final 
update  and  urged  users  to 
switch  to  Firefox  or  lock 
Inc.’s  namesake  browser. 

FOUR  YEARS  AGO:  The  U.S. 
Food  and  Drug  Administra¬ 
tion  called  for  the  wide¬ 
spread  use  of  RFID  technol¬ 
ogy  to  track  the  distribution 
of  prescription  drugs. 


i 

I 


U.K.’s  defense  secretary. 

“Our  internal  investigation 
has  identified  weaknesses  in 
the  application  of  [Ministry  of 
Defence]  security  procedures,” 
Brown  said. 

Computers orld  U.K.  staff 

Security  Concerns 
Hold  Up  3Com  Deal 

SHENZHEN,  CHINA -The 
proposed  $2.2  billion  sale  of 
3Com  Inc.  to  Bain  Capital  Part¬ 
ners  LLC  and  Huawei  Tech¬ 
nologies  Co.  is  on  hold  because 
the  U.S.  government’s  Com¬ 
mittee  on  Foreign  Investment 
in  the  United  States  has  raised 
national  security  concerns. 

The  concerns  prompted 
the  three  companies  to  with¬ 
draw  a  filing  with  CFIUS, 
whose  members  include  rep¬ 
resentatives  of  12  U.S.  agen¬ 
cies.  The  committee  said  it  is 
worried  about  the  close  ties 
of  Shenzhen-based  Huawei  to 


the  Chinese  government. 

Under  the  deal,  Bain  would 
gain  an  83.5%  stake  in  3Com, 
and  networking  vendor  Huawei 
would  own  the  rest.  The  three 
companies  said  they  are  com¬ 
mitted  to  addressing  the  issue. 
Grant  Gross, 

IDG  News  Service 


BRIEFLY  NOTED 
London’s  Heathrow  Airport 
blamed  a  faulty  software  up¬ 
grade  for  a  baggage-system 
failure  that  affected  thousands 
of  passengers  last  week.  The 
glitch  crashed  two  baggage¬ 
sorting  machines  on  Feb.  19, 
said  an  airport  official. 
Siobhan  Chapman, 
Computerworld  U.K. 


he  Smart-UPS®  closet  solution: 
Managed,  Secured,  Cooled 


Key  Code 

ttp://www. ape. com/promo  a603w 

J8.289.APCC  x9373  •  FAX:  401.788.2797 


Register  to  WIN  a  Smart-UPS®  XL 
1400VA  Rackmount  -  a  $779  Value! 


Name: 

Title: 

Company: 

Address: 

Address  2: 

City/Town: 

State: 

Zip: 

Country: 

Phone: 

Fax: 

e-mail: 

I  I  Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  PowerNews  e-mail  newsletter.  (Key  Code:  a603w) 


What  type  of  availability  solution  do  you  need? 

□  UPS:  0-16KVA (Single-phase)  □  UPS:10-80kVA (3-phase AC)  □UPS:80+kVA(3-phaseAC)  DDC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 

Purchase  timeframe?  □  <1  Month  Q1  -3  Months  □  3-1 2  Months  Q1  Yr.  Plus 

You  are  (check  1):  □  Home/Home  Office  nBusiness  (<1000  employees)  □  Large  Corp.  (>1000  employees) 

□  Gov't,  Education,  Public  Org.  DAPC  Sellers  &  Partners 
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TEMPERATURE  SPIKE 

CLOSET  8,  BUILDING  3 
4:05:18  PM 


Now  APC  keeps  an  eye  on  your 

IT  when  you  can't 


DETECTED 

CLOSET  5,  BASEMENT 
8:56:24  AM 


CCESS 

CLOSET  2,  BUILDING  1 
10:30:15  PM 


NEW!  Receive  critical 
notifications  by  e-mail. 


Need  to  get  out  of  the  closet  -  but 
still  keep  an  eye  on  your  network? 

Bet  you  never  thought  you'd  end  up  with  so 
many  closets  to  look  after.  And  as  they've  grown 
in  numbers,  they've  also  grown  in  complexity, 
adding  to  the  risk  -  and  the  high  cost  -  of  downtime. 
The  availability  of  those  closets  is  critical,  but 
whether  your  network  is  converged,  in  multiple  locations,  or  housed 
out  of  sight  and  out  of  mind,  you  can't  be  in  ten  places  at  once,  mak¬ 
ing  sure  they're  all  secure  and  running  smoothly. 

Thankfully,  APC  has  engineered  an  integrated  solution  that  starts 
with  new  Smart-UPS  XL  -  the  Smart-UPS  you  already  know  and 
trust,  made  even  smarter  with  integrated  management  and  security- 
enabled  features.  Your  view  into  the  network  closet  has  never  been 
clearer,  with  automatic  alerts  of  power  anomalies,  security  events, 
or  thermal  incidents  that  threaten  your  critical  availability. 

If  you're  converging  your  network  or  just  need  an  extra  pair  of  eyes, 
start  with  APC  Smart-UPS  XL:  the  foundation  for  highly  available, 
secure,  managed  networks. 


The  APC  integrated  solution: 


Management  Enabled  UPS 

Performance  power  protection  with  runtime 
for  servers,  and  voice  and  data  networks. 

-  included  PowerChute*  management  software 

-  intelligent  battery  management 

-  hot-swappable  batteries,  scalable  runtime 


Management  Upgrades 

PowerChute'  Business  Edition:  Reliable 
network-based  shutdown  of  multiple  servers. 

InfraStruXure'  Central: 

A  centralized  physical  infrastructure  management 
platform  that  provides  real-time  device  monitoring 
and  immediate  event  notification. 


NetBotz  Physical  and 
Environmental  Security 

Protecting  IT  assets  from  physical  and  environ¬ 
mental  threats  with  video  surveillance,  access 
control,  and  environmental  monitoring  solutions. 

Cooling 

Wiring  Closet  Ventilation  Unit: 

Rapidly  deployable  wall  or  ceiling  mounted 
heat  removal  system  for  wiring  closets 
(Up  to  3kW  of  heat  removal) 

InfraStruXure*  InRow  SC:  Rapidly  deployable, 
in-row  air  conditioning  for  server  rooms  and  wiring 
closets  (Up  to  7kW) 


Find  APC  power  protection  products  at  Cum/ 

UPS  solutions  start  at$1 125  Security  solutions  start  at  $889 

Register  to  WIN  a  Smart-UPS  XL 
■■i  1400VA  Rackmount  -  a  $779  Value! 

Visit  www.apc.com/promo  and  enter  key  code  a603w  •  Call  888-289-APCC  x9373  •  Fax  401-788-2797 


Compatibility  certifications  with  the  industry's  top 
IP  Telephony  Vendors;  Cisco,  Avaya,  and  Nortel 


by  Schneider  Electric 
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APC's  Smart-UPS  and  Symmetra 
lines  are  certified  Cisco  Compatible, 
integrate  with  Cisco  CallManager 
version  4.x  and  Cisco  Unity  Express  and 
provide  graceful  unattended  shutdown  in 
the  event  of  an  extended  power  outage. 


Compatible 
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M  SECURITY 


Constant  Patch  Releases 
Forcing  New  IT  Processes 


Managers  struggle  to  find 
ways  to  deal  with  the  flood 
of  Axes.  By  Jaikumar  Vijayan 


THE  FIRST  Sunday 
after  the  second 
Tuesday  of  every 
month  is  a  big  day 
for  the  Arlington  County, 
Va.,  IT  unit’s  network  opera¬ 
tions  team. 

That’s  when  the  group 
gets  to  test  and  deploy  the 
patches  that  Microsoft  Corp. 
releases  each  month  as  part 
of  its  regularly  scheduled 


security  update  process. 

Some  months,  the  team 
gets  lucky  and  the  vendor 
issues  only  a  few  security 
fixes. 

On  other  occasions,  such 
as  this  month,  the  county 
government’s  IT  staffers 
aren’t  so  fortunate.  On 
Feb.  12,  Microsoft  released 
fixes  for  17  vulnerabilities 
—  the  company’s  biggest 


monthly  patch  release  since 
February  2007. 

Analysts  and  users  said 
that  such  large  releases  can 
be  overwhelming  to  some 
organizations,  prompting  IT 
staffers  to  look  for  ways  to 
ease  the  patching  process. 
Some  shops,  like  Arlington 
County’s,  have  created  espe¬ 
cially  strong  procedures  for 
dealing  with  the  problem. 

Lou  Michael,  director  of 
network  and  infrastruc¬ 
ture  services  in  Arlington 
County’s  department  of 
technology  services,  said  his 
organization  began  setting 
up  formal  processes  for  fix¬ 


ing  software  vulnerabilities 
after  Microsoft  moved  to 
a  monthly  patch  release 
schedule  in  October  2003. 

Previously,  Michael  said, 
patch  implementation  was 
mostly  handled  on  an  ad 
hoc  basis,  and  IT  personnel 
were  directed  “not  to  touch 
the  patches  until  there  was 
some  problem.” 

Microsoft’s  move  to  is¬ 
suing  patches  monthly 
“has  allowed  us  to  plan  for 
ourselves  and  to  set  expec¬ 
tations  for  our  customers,” 
Michael  said.  “We’ve  added 
structure  and  some  formal¬ 
ity  to  our  patching  process. 
There’s  been  a  shift  from 
being  reactive  [to  threats]  to 
having  a  plan”  for  address¬ 
ing  them. 

The  county  now  has  a 
fairly  mature  process  that 
enables  it  to  assess,  pri¬ 
oritize  and  automatically 
implement  security  fixes, 
Michael  added. 

“Folks  are  giving  the  en¬ 
tire  patch  life  cycle  more  at¬ 
tention  and  higher  priority,” 
noted  Pete  Lindstrom,  an 
analyst  at  Burton  Group,  an 
IT  consulting  firm  in  Mid¬ 
vale,  Utah. 

BIG  WORKLOAD 

This  month’s  “Patch  Tues¬ 
day”  release  from  Microsoft 
included  fixes  for  widely 
used  programs  like  the 
Windows  operating  system, 
Office  applications,  Internet 
Explorer  and  the  Internet 
Information  Services  Web 
server.  The  list  included 
five  updates  that  were  rated 
“critical”  —  the  highest 
rating  in  Microsoft’s  four- 
level  threat-scoring  system 
—  and  12  that  were  labeled 
“important,”  the  second- 
highest  rating. 

“Overall,  we  [were] 
astounded  with  the  quan¬ 
tity  and  size  of  the  latest 
patches,”  said  Matt  Kesner, 
Continued  on  page  16 
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Fujitsu  PRIMERGY®  servers 


IT  organizations  have  always  counted  on  the  performance  and  reliability  of  Fujitsu  PRIMERGY  servers. 
Thanks  to  Cool-Safe  technology,  they  can  count  on  lower  utility  bills  and  a  smaller  carbon  footprint, 
too.  Even  cooler,  our  new  PRIMERGY  TX1 20  tower  server  for  small  businesses  and  SOHOs  is  the 
smallest,  quietest,  most  energy-efficient  tower  server  on  earth.  And  you  don’t  even  need  an  on-site  IT 
staff  because  Fujitsu  PRIMERGY  servers  include  PRIMERGY  Sever  View  Remote  Management 
software,  which  gives  outside  consultants  or  IT  staff  at  headquarters  all  the  secure  remote  access  they 
need.  Flow  cool  is  that?  To  find  out,  go  to  http://us.fujitsu.com/computers/PRIMERGY. 


HIGH  ENERGY-EFFICIENCY. 

A  Fujitsu  PRIMERGY  TX1 20  tower  server  with  a  Dual-Core  Intel®  Xeon* 
UP  processor  uses  up  to  40  percent  less  power  than  previous  towers. 


COOL-SAFE  TECHNOLOGY. 

Bigger  fans  and  independent  air  tunnels  improve  airflow,  so 
Fujitsu  PRIMERGY  servers  can  run  faster,  cooler,  and  quieter 


BX620  S4  Blade  Servers 


TX120  TX3G0S3 
Twer  Server  Tower  S&vor 


RX300  S3  Rack  Server 


FUJITSU 

THE  POSSIBILITIES  ARE  INFINITE 

2007  Fujitsu  Computer  Systems  Corporation.  All  •fonts  reserved  Fujitsu  and  the  Fujitsu  logo  ore  registered  trademarks  of  Fujitsu 
Limited.  Coo! -Safe  is  a  trademark,  ana  PRIMERGY  is  a  registered  trademark,  of  Fujitsu  Siemens  Computers  GmbH.  Intel,  Intel  Lego, 
Intel  inside,  Intel  inside  Logo,  arxi  Xeon  are  trademarks  or  registered  trademarks  of  inter  Corporation  or  its  subsidiaries  in  the  United 
States  and  other  countries.  AS  other  trademark.';  and  product  names  are  the  property  of  their  respective  owners. 
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Continued  from  page  14 
chief  technology  officer  at 
Fenwick  &  West  LLP,  a  law 
firm  based  in  Mountain 
View,  Calif.  “This  month’s 
[patches]  will  cost  us  over 
100  hours  of  IT  time  to  test 
and  apply.  That  seems  ex¬ 
cessive  for  a  midsize  enter¬ 
prise  like  ours.” 

Jonathan  Fan,  senior 
director  of  product  manage¬ 
ment  at  BigFix  Inc.,  an  Em¬ 
eryville,  Calif.-based  vendor 
of  vulnerability  manage¬ 
ment  products,  noted  that 
even  companies  that  don’t 
rely  on  Microsoft  software 
are  increasingly  facing  simi¬ 
lar  issues  with  products  that 
run  on  non-Windows  oper¬ 
ating  systems. 

Several  other  major  soft¬ 
ware  vendors,  including  Ap¬ 
ple,  Oracle,  Adobe  Systems 
and  Skype,  issued  fixes  for 
corporate  and  consumer 
software  just  before  Micro¬ 
soft  released  its  February 
patches,  said  Fan. 

SETTING  PRIORITIES 

The  increasing  volume  of 
patches  has  led  some  com¬ 
panies  to  create  systems  for 
prioritizing  vulnerabilities 
to  make  sure  the  most  criti¬ 
cal  ones  are  fixed  first,  said 
Matt  Mosher,  senior  vice 
president  of  the  Americas 
at  Lumension  Security  Inc., 
a  vulnerability  assessment 
and  patch  management  ven¬ 
dor  in  Scottsdale,  Ariz. 

Gone  are  the  days  when 
IT  security  personnel 
rushed  to  patch  everything 
just  for  the  sake  of  patching, 
he  said.  Companies  must 
become  more  methodical 
and  make  sure  that  the  most 
serious  vulnerabilities  are 
fixed  first. 

“They  are  definitely  try¬ 
ing  to  prioritize  on  the  ones 
they  feel  pose  the  greatest 
risk,”  Mosher  said.  “They 
are  trying  to  apply  some  risk 
assessment  and  risk  scor- 


Overall,  we  [were]  astounded  with  the 
quantity  and  size  of  the  latest  patches. 


This  month’s  [patches]  will  cost  us  over  100 
hours  of  IT  time  to  test  and  apply.  That  seems 
excessive  for  a  midsize  enterprise  like  ours. 

MATT  KESNER,  CTO,  FENWICK  &  WEST  LLP 


ing”  to  patching  decisions. 

Fenwick  &  West,  for  in¬ 
stance,  prioritizes  Microsoft 
patches,  fixing  critical  vul¬ 
nerabilities  immediately  and 
taking  up  to  30  days  to  fix 
the  less  important  ones. 

Regulatory  and  internal 
requirements  have  also 
helped  push  IT  shops  to 
adopt  formal  patch  man¬ 
agement  practices,  Mosher 
noted.  Companies  are 
increasingly  required  not 
only  to  securely  patch  their 
systems,  but  also  to  demon¬ 
strate  auditable  compliance 
with  government  and  in¬ 
dustry  rules,  he  added. 

“The  issues  have 
changed,”  Mosher  said. 
“Companies  have  to  apply 
more  patches  and  prove 
that  they  are  patching.  It’s  a 
question  of,  ‘How  do  I  report 
on  compliance?’  ” 

Companies  also  need  to 
ensure  that  vulnerabilities 
remain  patched  so  that  pre¬ 
viously  patched  bugs  don’t 
reappear,  Mosher  added. 

Fan  noted  that  some  com¬ 
panies  have  implemented 
multiple  defenses,  such  as 
firewalls  and  intrusion- 
detection  and  -prevention 
systems,  to  try  to  reduce 
their  dependence  on  patch¬ 
ing.  While  such  measures 


may  have  helped,  they 
haven’t  eliminated  the  need 
for  patching,  he  said. 

Fenwick  &  West  has 
“multiple  layers  of  security,” 
Kesner  said.  “We  hope  that 
gives  us  time  to  bring  our 
systems  up  to  date,  but  one 
never  knows  if  that  is  true 
—  except  in  hindsight. 

“The  six  layers  of  anti¬ 
virus,  antispam  and  anti¬ 
malware  we  run  don’t  re¬ 
duce  the  need  to  patch,” 
Kesner  added.  “They  just 
give  us  hope  that  we  have 
breathing  room.” 

According  to  Michael,  Ar¬ 
lington  County’s  approach 
is  to  guard  against  vulner¬ 
abilities  as  well  as  patch 
them.  It’s  akin  to  wearing  a 
“belt  and  suspenders,”  Mi¬ 
chael  said. 

AUTOMATION  HELPS 

The  emergence  and  rela¬ 
tive  maturity  of  automated 
patch  management  tools 
from  vendors  like  BigFix 
and  Lumension  have  also 
been  catalysts  for  corporate 
change. 

BigFix’s  policy  content 
modules  for  patching  and 
Lumension’s  PatchLink  Up¬ 
date  tool  automatically  scan 
networks  for  disclosed  vul¬ 
nerabilities  and  check  to  see 


M  [Microsoft’s  patch  schedule]  has 
allowed  us  to  plan  for  ourselves  and 
to  set  expectations  for  our  customers.  We’ve 
added  structure  and  some  formality  to  our 
patching  process.  There’s  been  a  shift  from 
being  reactive  [to  threats]  to  having  a  plan. 

LOU  MICHAEL,  DIRECTOR  OF  NETWORK  AND 
INFRASTRUCTURE  SERVICES,  ARLINGTON  COUNTY,  VA. 


whether  patches  for  them 
have  been  applied. 

When  new  patches  be¬ 
come  available,  the  agent- 
based  technologies  from 
both  companies  inspect 
each  endpoint  to  see  if  the 
installed  patches  are  work¬ 
ing.  If  necessary,  the  tools 
can  automatically  fix  un¬ 
patched  vulnerabilities,  ac¬ 
cording  to  officials  at  both 
vendors. 

The  tools  can  also  moni¬ 
tor  a  system  to  see  if  chang¬ 
es  are  made  that  could  once 
again  leave  it  vulnerable.  In 
addition,  such  products  en¬ 
able  companies  to  roll  back 
patches  in  case  they  disrupt 
other  applications  or  cause 
them  to  crash. 

Fan  noted  that  some  com¬ 
panies  are  also  looking  to 
integrate  patch  management 
practices  with  broader  con¬ 
figuration  management  and 
vulnerability  assessment 
and  remediation  processes. 

“People  are  interested 
in  seeing  a  single  view” 
of  vulnerabilities,  he  said. 
“They  are  trying  to  under¬ 
stand  their  security  posture 
and  have  more  visibility 
and  controls  over  all  of  the 
software”  in  heterogeneous 
environments. 

“It’s  about  security  con¬ 
figuration  management,” 

Fan  said.  “What  are  the 
security  standards  for  my 
desktops  and  servers?  What 
are  the  configurations,  and 
how  do  I  make  sure  I  don’t 
drift?  How  do  I  know  in  real 
time  if  a  patch  that  came  out 
for  a  vulnerability  is  some¬ 
thing  I  need?” 

One  of  the  challenges 
with  something  like  Micro¬ 
soft’s  Patch  Tuesday,  Fan 
said,  is  that  “as  an  IT  orga¬ 
nization,  you  have  11  differ¬ 
ent  issues  that  you  need  do 
deal  with,  so  how  do  you 
buy  time?  We  are  seeing  a 
movement  toward  under¬ 
standing”  such  issues.  ■ 


16  C0MPUTERW0RLD  FEBRUARY  25,  2008 


Special  Advertising  Supplement 


protecting  what  matters: 


BY  BOB  HEARD 


Bob  Heard , 
Founder 
and  CEO, 
CREDANT 
Technologies 


Security  awareness  is  not  threat  preparedness.  Only  an  integrated,  data-centric 
architecture  can  provide  a  single  view  into  all  endpoints  and  users — and  optimal  security. 


VER  THE  LAST  THREE  YEARS  VARIOUS  DATA 
breaches  have  potentially  exposed  the  personal 
information  of  more  than  210  million  U.S.  res¬ 
idents.*  Businesses  and  government  agencies 
are  increasingly  aware  of  the  ramifications  to 
their  brands,  as  well  as  the  direct  costs  of  rectify¬ 
ing  a  breach.  But  are  they  more  prepared  now  than  in 
the  past  to  prevent  a  breach  before  it  occurs? 

While  there  are  numerous  causes  of  data  breaches, 
one  of  the  more  common  is  for  data  to  be  lost,  stolen 
or  exposed  on  an  employee’s  laptop,  smartphone,  iPod 
or  USB  thumb  drive. 

One  organization  I  visited  recently  thought  it  was 
protected  against  data  breaches  because  some  20,000 
employees  were  notified  by  email  not  to  use  thumb 
drives  or  personal  devices  like  smartphones,  or  to  take 
data  out  of  the  office.  When  I  asked  how  that  policy 
was  working,  the  CISO  replied,  “It’s  a  joke  around 
here.”  A  second  organization,  taking  a  more  draconian 
approach,  said  its  policy  was  to  apply  superglue  to  the 
USB  ports  on  every  new  laptop  that  was  provisioned. 

Clearly,  businesses  and  government  agencies  need 
to  be  much  better  prepared  to  prevent  data  breaches, 
while  at  the  same  time  enabling  business  processes 
that  result  in  increased  workforce  productivity. 

First,  they  have  to  guard  against  external  threats 
such  as  lost  or  stolen  laptops  ending  up  in  the  wrong 
hands.  But  what  about  the  internal  threats?  If,  for 
example,  an  executive  has  a  problem  with  his  or  her 
laptop,  it’s  likely  dropped  off  at  the  IT  department 
where  an  on-premises  or  off-premises  employee  or 
independent  contractor  may  have  access  to  all  the  data 
on  the  hard  drive.  What  about  the  threat  of  the  com¬ 
mitted  employee  extending  the  workday  by  taking 
data  home,  but  unwittingly  causing  the  data  on  the 
home  computer  to  be  compromised? 

Historically,  organizations  have  relied  on  hard  drive 
encryption  to  protect  sensitive  information.  But  today, 
data  is  pervasive  and  often  ends  up  on  personal  or 
home  computing  devices.  Security  executives  should 


require  a  data-centric,  policy-based  approach  that 
unifies  endpoint  data  security  holistically  across  all 
devices,  users  and  data. 

We  recommend  the  following  five  best  practices  to 
our  clients  to  help  them  attain  their  endpoint  data 
security  goals  and  implement  technology  at  the  lowest 
possible  total  cost  of  ownership  (TCO): 

1  ENFORCE  by  policy  complete  data  protection 
without  any  risk  of  users  placing  data  in  areas 
that  would  not  be  encrypted,  with  no  one  other 
than  the  authorized  user  having  the  ability  to 
view  such  data. 

2  ENSURE  transparency  for  end  users  and  desk¬ 
top  and  network  operations  teams. 

3  MAKE  SURE  any  data  taken  outside  the  organi¬ 
zation  is  encrypted  and  protected,  especially  on 
USB  thumb  drives. 

4  PUT  IN  PLACE  audit  processes  to  ensure  that 
any  device  can  be  “proven”  to  be  encrypted  at  any 
time  to  prevent  the  need  for  breach  notification  if 
the  device  is  lost  or  stolen. 

5  AVOID  any  impact  to  forensic  processes  due  to 
encrypting  data. 

CREDANT  Mobile  Guardian  (CMG)  integrates 
device  detection,  authentication,  encryption,  enforce¬ 
ment,  and  audit  and  reporting  features  into  a  single, 
holistic  architecture  for  controlling  encrypted  data 
across  all  endpoints,  manageable  from  a  single  admin¬ 
istrative  console. 

CREDANT’s  CMG  Full  Data  Encryption  provides  a 
higher  standard  of  security,  protecting  against  both 
the  external  and  insider  threats  without  compromis¬ 
ing  existing  end-user  and  IT  operations.  We  protect 
what  matters,  and  that  means  your  data. 

True  security  encompasses  both  the  pervasiveness 
and  the  portability  of  data.  It  requires  processes  and 
policies  that  accommodate  the  needs  of  both  end 
users  and  IT  staffers  without  driving  up  costs  or 
adversely  impacting  security  processes  and  usability. 

*  Source:  Privacy  Rights  Clearinghouse 
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Doubts  Cast  on 
Municipal  Wi-Fi  as 
Projects  Hit  Potholes 

Vendors  have  had  trouble  making  wireless 
networks  pay  off  in  several  cities,  raising 
questions  about  the  viability  of  the  highly 
touted  market.  By  Matt  Hamblen 


Three  years 
ago,  Tempe, 

Ariz.,  was 
one  of  the 
first  major  U.S.  cit¬ 
ies  to  announce  mu¬ 
nicipal  Wi-Fi  plans. 

Its  city  wide  network 
went  live  in  2006, 
making  wireless 
services  available 
to  all  of  Tempe’s 
170,000  residents. 

Dave  Heck,  the  city’s  CIO, 
remembers  how  municipal 
Wi-Fi  advocates  talked 
about  wireless  networks  as 
shining  beacons  that  would 
bring  Internet  connectivity 
to  the  masses.  But  that  kind 
of  optimism  is  nearly  gone 
in  Tempe,  and  the  city’s  net¬ 
work  is  dead  in  the  water. 

On  Dec.  28,  Kite  Net¬ 
works  Inc.,  a  division  of 
Gobility  Inc.  that  had  been 
operating  the  network  in 
Tempe,  cut  off  connections 
and  pulled  the  plug  on  its 
customer  service  phone  line 
and  Web  site.  Heck  said  sub¬ 
scribers  have  been  hound¬ 
ing  city  officials  to  restore 
the  Wi-Fi  service.  But  the 
city’s  leverage  over  Gobility 
is  limited,  he  added. 

“Obviously,  the  city  never 
thought  this  would  happen, 
or  we  would  have  never 


Obviously, 
the  city 
never  thought  this 
would  happen, 
or  we  would  have 
never  gotten  into 
[Wi-Fi]. ...  No¬ 
body  could  have 
foreseen  this. 

DAVE  HECK,  CIO.  TEMPE 


gotten  into  it,”  Heck  said. 
“People  are  pointing  fingers, 
with  some  citizens  thinking 
[the  city]  had  more  involve¬ 
ment  than  we  did.  Nobody 
could  have  foreseen  this.” 

But  Tempe  isn’t  alone 
in  feeling  the  sting  of  un¬ 
fulfilled  municipal  Wi-Fi 
expectations.  For  example, 
Chicago’s  government 
dropped  a  planned  Wi-Fi 
project  last  August,  citing 


high  costs  and  low 
subscriber  inter¬ 
est.  That  same 
month,  EarthLink 
Inc.  pulled  out  of  a 
deal  to  work  with 
Google  Inc.  to  build 
a  Wi-Fi  network  in 
San  Francisco. 

And  then  in  No¬ 
vember,  EarthLink 
said  it  was  consid¬ 
ering  “strategic  al¬ 
ternatives”  for  its  municipal 
Wi-Fi  unit,  after  conclud¬ 
ing  that  it  couldn’t  recoup 
investments  in  networks 
via  advertising  revenue  or 
residential  subscriptions. 
Earlier  this  month,  Earth- 
Link  announced  that  it  is 
now  trying  to  find  buyers 
for  its  Wi-Fi  assets  and  is 
checking  to  see  “if  the  cities 
themselves  are  interested” 
in  taking  over  ownership. 

Terry  Phillis,  CIO  for 
Philadelphia’s  government, 
said  he  is  making  contingen¬ 
cy  plans  in  case  EarthLink 
sells  or  abandons  a  city  wide 
Wi-Fi  network  that  the  com¬ 
pany  began  building  last 
May.  A  sale  of  the  network 
to  another  vendor  would  be 
preferable  to  having  the  city 
take  control,  Phillis  said.  But 
he  wants  to  be  prepared  for 
either  possibility. 


EarthLink  assured  the 
city  last  fall  that  it  would 
finish  the  network,  Phillis 
said.  “We  consider  [the  net- 
work]  an  asset  for  the  city,” 
he  noted.  “Our  priority  is  to 
get  it  completed.” 

Tempe’s  Wi-Fi  network 
had  a  peak  subscriber  base 
of  fewer  than  800  people, 
Heck  said.  He  blamed  poor 
marketing  by  Kite  Net¬ 
works,  which  Gobility  ac¬ 
quired  last  July. 

Gobility  CEO  Gary  Brown 
declined  to  comment,  citing 
legal  reasons. 

Heck  said  that  if  the  Wi¬ 
Fi  service  isn’t  restored 
by  March  28,  the  city  may 
seize  the  network’s  assets, 
which  primarily  consist  of 
900  wireless  access  points 
installed  on  utility  poles. 
Tempe  doesn’t  want  to  run 
the  network  itself,  but  Heck 
said  the  seizure  could  force 
Gobility  into  action.  Another 
option,  he  added,  would  be  to 
charge  the  company  rent  for 
the  space  on  the  poles,  which 
would  amount  to  almost 
$2  million  per  year. 

In  lieu  of  rental  fees,  the 
city  was  supposed  to  get 
free  Wi-Fi  service  for  use  by 
police  officers,  traffic  engi¬ 
neers  and  water  inspectors. 
Some  of  those  capabilities 
were  being  rolled  out  last 
year,  but  their  fate  is  now 
uncertain,  Heck  said. 

Esme  Vos,  founder  of  the 
MuniWireless  Web  site, 
insisted  that  the  municipal 
Wi-Fi  market  isn’t  dying. 

For  all  but  the  largest  cities, 
though,  a  business  model  in 
which  the  cities  themselves 
don’t  help  to  fund  the  net¬ 
works  through  so-called  an¬ 
chor  tenant  deals  isn’t  viable 
at  this  point,  Vos  said. 

Jeffrey  Kagan,  an  inde¬ 
pendent  analyst  in  Atlanta, 
agreed  with  Vos  that  munic¬ 
ipal  Wi-Fi  “will  win”  in  the 
end.  But,  he  added,  “taxpay¬ 
ers  have  lost  so  far.”  ■ 
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Take  away  the  jungle  of  cables.  Take  away  the  so-called 
"normal"  energy  requirements  and  maintenance. 
What  do  you  have?  Introducing  the  HP  BladeSystem 
c3000.  All  the  technology  of  our  larger  BladeSystem 
in  an  efficient,  compact,  affordable  package. 

Technology  for  better  business  outcomes. 
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On  the  Mark 

HOT  TRENDS  H  NEW  PRODUCT  NEWS  ■  INDUSTRY  BUZZ  BY  MARK  HALL 


Get  Users  Saluting  Together 


m. 


ERIO  MAILSERVER  6.5  could  be  pretty  good  news  for  IT 
shops  whose  users  want  to  collaborate  despite  being  on  dif¬ 
ferent  systems.  According  to  Dusan  Vitek,  vice  president  of 
worldwide  marketing  at  Kerio  Technologies  Inc.  in  San  Jose, 
the  new  release  lets  Linux,  Mac,  Windows  and  even  mobile 
handset  users  all  share  and  subscribe  to  one  another’s  calendars.  He  says 
MailServer  6.5  also  includes  an  updated  Outlook  plug-in  that  lets  people 


read  and  write 
mail,  make  calen¬ 
dar  changes  and 
perform  other 
groupware  tasks 
while  disconnected 
from  the  Kerio  Mail- 
Server.  The  new 
plug-in  includes  the 
open-source  Firebird 
database,  which  can 
capture  all  work 
done  on  the  road  and  update  every¬ 
thing  once  the  user  reconnects.  An¬ 
other  benefit  of  Firebird,  Vitek  says,  is 
that  users  can  do  full-text  searches. 
Pricing  starts  at  $499  for  10  users. 

ReSy  on  Hardware 

More  than  150  million  PCs  and  lap¬ 
tops  are  equipped  with  the  Trusted 
Platform  Module  (TPM)  micro¬ 
processor,  estimates  Steven  Sprague, 


CEO  of  Wave  Systems  Corp.  in  Lee, 
Mass.  And  Intel  Corp.  will  soon  in¬ 
clude  TPM  as  part  of  its  chip  sets. 
So,  Sprague  states,  “there’s  no  ex¬ 
cuse  anymore”  for  organizations  to 
overlook  this  technology  for  storing 
data  encryption  keys  and  providing 
authentication  services.  Corporate 
IT  departments  need  to  be  educated 
about  the  benefits  of  using  the  TPM 
chip  to  secure 
computers,  he 
says.  First,  Sprague 
points  out,  “you 
can’t  hack  hard¬ 
ware.”  If  a  hacker 
doesn’t  type  the 
user’s  PIN  or  pass- 
code,  he  can’t  ac¬ 
cess  the  machine. 

IT’s  reliance  on 
software  to  secure 
data  and  network 


Vitek:  Use 
different  operating 
systems:  share 
one  groupware 
tool. 


CIOs  need  to 
leverage  existing 
hardware 
security  on  PCs, 
argues  Sprague. 
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access  baffles  Sprague.  “Software 
for  security  has  pretty  much  failed 
us,”  he  says.  For  IT,  the  near-term 
security  advantages  of  TPM  are  sig¬ 
nificant.  Without  making  any  new 
investments,  Sprague  claims,  IT 
departments  can  “write  10  lines  of 
code”  to  enable  networks  to  accept 
authentication  certificates  from  TPM 
machines  —  no  more  maintaining 
occasionally  flaky  VPN  clients  and 
infrastructure. 


No  Recession  in 
Store  for  MSPs? 

We  should  all  be  so  lucky.  In  good 
economic  times,  managed  service 
providers  (MSP)  get  business  when 
their  customers  are  expanding  too 
fast  for  in-house  IT  staffers  to  keep 
up.  In  bad  times,  customers  often 
need  to  cut  capital  expenditures  and 
head  count,  bringing  more  business 
to  MSPs.  More-  i — 

S30B 


IDC’s  estimate  of  the 
total  MSP  market 
in  2007. 


over,  MSPs  cover 
all  business  seg¬ 
ments,  and  not  all 
vertical  markets 
dip  simultane¬ 
ously.  As  Christopher  Assif  says, 
“When  the  financial  segment  goes 
down,  the  health  care  sector  goes 
up.  We’re  sort  of  recession-proof.” 
Indeed,  despite  talk  of  recession, 
the  executive  vice  president  of  Lou¬ 
isville,  Ky.-based  Smoothstone  IP 
Communications  Corp.  forecasts 
that  his  company  will  add  50  people 
this  year.  And  he  says  he’s  “not  ter¬ 
ribly  nervous”  about  MSPs  from 
India,  which  he  claims  will  compete 
mostly  on  price,  not  quality  of  ser¬ 
vice  and  support. 

To  lure  even  more  business, 
Smoothstone,  which  manages  con¬ 
verged  voice  and  data  IP  services, 
will  add  instant  messaging  support 
to  its  service  menu.  The  Smooth¬ 
stone  Messaging  Service,  available  in 
Q2,  will  use  best-of-breed  technolo¬ 
gy  from  a  third  party  (possibly  IBM) 
that  is  integrated  into  the  company’s 
Web-based  management  console, 
where  users  can  see  the 
status  of  their  network, 
voice  and,  soon,  messag¬ 
ing  connections  through  a 
single  user  interface.  Pric¬ 
ing  for  the  IM  service  has 
not  been  set.  ■ 


^OMPUTERWORLDX  “ 


O  MORE  BUZZ 

Discover  and  discuss 
more  industry  action  at 
the  On  the  Mark  blog: 

computerworld.com/ 

biogs/hall 


For  you,  it’s  a  problem  you  didn’t  see  co 

For  your  business,  it’s  a  customer 
you  won’t  see  coming  back 


You  can’t  anticipate  every  problem.  But  Emerson  Network  Power  and  its 
Liebert  power  and  cooling  technologies  can  help  you  create  an  IT  infrastructure 
that  is  ready  for  anything— unplanned  outages,  unpredictable  growth  or 
unexpected  technologies. 


One  example  is  the  Liebert  NX,  a  software-scalable  UPS  that  can  double  in 
capacity  without  adding  or  modifying  hardware.  Download  our  white  paper, 
Powering  Change  in  the  Data  Center,  and  discover  what  Liebert  technologies 
can  do  for  your  operating  flexibility,  at  flexibility.liebert.com. 
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Liebert  flexibility 

Just  another  reason  why  Emerson  Network  Power  is  the  global  leader 
in  enabling  Business-Critical  Continuity1." 


Emerson,  Business-Critical  Continuity  and  Liebert  are  trademarks  of  Emerson  Electric  Co.  or  one  of  its  affiliated  companies.  ©2007  Emerson  Electric  Co. 


EMERSON.  CONSIDER  IT  SOLVED™ 
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Name:  Dawn  Lepore 
Title:  CEO 

Organization:  Drugstore.com  Inc. 

Location:  Bellevue,  Wash. 

Last  book  read:  “ Harry  Potter. 
My  husband  and  I  take  turns 
reading  aloud  [to  their  5-  and 
9-year-olds].  It’s  the  best  time 
of  the  day.” 

Favorite  technology:  TiVo 

Technology  she  couldn’t  live 
without:  “You  mean  besides 
TiVo?  E-mail.” 

Three  things  we’d  find  in  your 
Drugstore.com  shopping  cart: 
“Prilosec  [heartburn  medi¬ 
cine],  unfortunately;  iCoaster, 
which  is  my  son’s  favorite  toy; 
and  South  Beach  Diet  oatmeal 
chocolate  chip  cookies,  which 
are  my  absolute  favorite.” 


was  definitely  a  stretch  job  for  me, 
but  there  was  absolutely  nothing  I  en¬ 
countered  that  I  had  never  seen  before, 
because  I  had  run  operations,  legal  and 
human  resources  [at  Schwab].  I  had 
seen  benefits  plans  before.  I  had  been 
responsible  for  P&L,  so  I  knew  how  to 
think  about  it.  Legal  had  reported  to 
me,  so  when  we  had  a  lot  of  issues  with 
contracts,  I  had  a  good  understanding 
of  the  issues  and  an  understanding  of 
how  to  negotiate  situations.  I  had  been 
involved  in  mergers  and  acquisitions, 
so  I  knew  about  good  M&A  integra¬ 
tion.  Everything  I  had  done  was  really, 
really  valuable,  and  I  drew  on  almost 
every  one  of  my  experiences  in  the 
first  12  to  18  months  here. 

My  best  advice  to  a  CIO  who  wants 
to  be  a  CEO  is  broaden  yourself, 
broaden  yourself,  broaden  yourself, 
whether  it’s  through  serving  on  boards 
or  through  nonprofit  work  or  lateral 
moves  in  your  company  or  changing 
industries.  If  you  do  that,  you’ll  be 
very  happy  when  you  ultimately  find 
yourself  in  the  position  of  running  a 
company. 

How  does  your  experience  as  a  highly 
successful  CIO  inform  your  relationship 
with  Drugstore.com’s  CIO,  Luke  Friang? 

Continued  on  page  24 


Your  technology  career  began  at  Charles 
Schwab  &  Co.  in  1983.  By  1994,  you 
were  a  CIO,  and  now  you’re  a  CEO.  Is 
this  the  executive  trajectory  you  imag¬ 
ined  for  yourself?  Yes  and  no.  I  was 
a  music  major  at  Smith  [College].  I 
thought  I  could  never  aspire  to  be  a 
CIO.  Then,  when  I  got  to  be  a  CIO,  it 
was  a  really  challenging  and  excit¬ 


ing  time  at  Schwab,  and  I  thought  it 
would  be  fun  to  be  a  CEO.  But  at  that 
point  I  wasn’t  sure  how  to  get  there. 

The  thing  that  helped  me  was 
the  opportunity  to  take  on  broader 
roles.  I  think  it  is  very  difficult  to  go 
directly  from  being  a  CIO  to  a  CEO. 
During  my  first  year  at  Drugstore, 
this  company  had  a  lot  of  issues.  It 


■  THE  GRILL 

Dawn  Lepore 

The  CKMurned-CEO  talks  about  how 
to  make  it  to  the  top,  why  women  are 
perfect  for  certain  key  IT  roles,  and 
the  IT-intensive  road  to  profitability 
at  Drugstore.com. 
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Do  you  know  if  you  have  enough  network  protection? 
You  could  find  out  on  your  own  or  just  ask  CDW. 


SonicWALL  Email  Security  4001 

•  Powerful,  easy-to-use  inbound  and  outbound  e-mail 
threat  management 

•  Stops  spam,  viruses  and  phishing  attacks 

•  Prevents  leaks  in  confidential  information 

•  Stops  violation  of  regulatory  compliance  laws 

•  Ideal  for  medium-  or  large-sized  networks 

750-user  license  $3099.99  CDW  1044154 


(V\f)atchGuard' 


WatchGuard®  Firebox®  Core  X750e 
Unified  Threat  Management  (UTM)  Bundle 

•  Delivers  comprehensive  network  protection  with  an  intuitive  management  interface 

•  Bundle  includes  the  appliance  and  1-year  subscriptions  to  Gateway  AntiVirus/ 
Intrusion  Prevention  Service,  spamBlocker,  WebBlocker  and  1  year  of  extended 
hardware  warranty,  threat  alerts  and  technical  support 

$3195.99  CDW  973449 


We're  there  with  the  security  solutions  you  need. 

Today's  sophisticated  security  threats  go  way  beyond  what  antivirus  can  handle.  That's  why  CDW  has  all 
the  technology  you  need  for  full  network  gateway  protection.  From  firewall  protection  to  antispyware  to 
intrusion  prevention  and  beyond,  we  have  a  wide  variety  of  the  top  names  in  the  industry.  And  we  have 
the  expertise  to  answer  questions,  offer  advice  and  build  solutions  that  will  hold  up  to  the  worst  threats 
out  there.  So  call  CDW  today.  We're  there  with  the  total  protection  you  need. 


800.399.4CDW 
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SonicWALL  Email  Protection  Subscription  Services  required;  call  your  CDW  account  manager  for  details.  'Licensing  requires  a  minimum  purchase  of  11  licenses; 
includes  24  x  7  technical  support,  upgrade  protection  and  virus  definition  updates;  other  pricing  levels 'available;  call  your  CDW  account  manager  for  details.  Offer 
subject  to  CDWs  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©2008  CDW  Corporation 


McAfee®  Total  Protection  for  Enterprise -Advanced 

•  Single  solution  with  a  single  console  engineered  from  the  ground 
up  to  reduce  the  complexity  of  managing  enterprise  security 

•  Includes  network  access  control,  host  intrusion  prevention, 
antispyware,  antispam,  antiphishing,  antivirus  and  firewall 


101-250  user  license2  $71.99  CDW  967319 


McAfee 


B  THE  GRILL  !  DAWN  LEPORE 


Technology 
is  a  very,  very 
interesting 
career.  You  get  to 
reinvent  yourself  all 
the  time. 


How  so?  The  part  where 
it’s  easier  is  that  Luke 
doesn’t  have  to  make  a 
case  that  technology  is 
important  or  convince 
us  that  we  need  to  use 
technology  to  move  the 
business  ahead.  He  has 
creative  good  partners 
at  the  table  with  him. 

The  downside  is  that  it’s 
always  harder  when  you 
have  people  who  think 
they  know  a  lot  about  what 
you  do.  Sometimes  people 
know  just  enough  to  be 
dangerous.  They  think  they  know  all 
the  issues  surrounding  the  new  tech¬ 
nology  or  the  technology  organization, 
and  they  don’t. 

Frankly,  I  think  the  fact  that  Luke 
reports  to  me  is  both  easier  and  harder 
for  him.  I  truly  know  what  it’s  like  to 
walk  in  his  shoes.  I  know  the  pressure 
he’s  under.  But  it’s  also  harder  in  that 
I  have  very  high  expectations  of  him 
and  I  ask  a  lot  of  questions. 


bution  channel.  Technol¬ 
ogy  is  certainly  important. 
Schwab  leveraged  technol¬ 
ogy  as  well,  but  technology 
wasn’t  Schwab’s  business, 
in  the  sense  that  there  are 
also  branches.  Because  our 
store  is  our  Web  site,  most 
of  the  executives  know  a 
fair  amount  about  technol¬ 
ogy  and  are  involved,  and 
that  makes  the  CIO’s  role 
easier  and  harder. 


Continued  from  page  22 
I  have  very  high  expectations.  Good 
enough  is  not  enough  to  build  a  great 
company  with  world-class  technology 
operations.  When  there’s  a  problem, 

I  can  drill  down  pretty  deeply.  He’s 
got  to  be  able  to  explain  to  me  all  the 
details  of  what  has  happened,  and  he  is 
very  good  at  that. 

It’s  interesting  at  Drugstore  because 
we’re  a  retail  company  that  leverages 
technology.  The  Internet  is  our  distri- 

241  COMPUTERWORLD  FEBRUARY  25,  2008 


Drugstore.com  is  growing,  but  it  has 
struggled  to  get  to  profitability.  How 
are  you  tapping  IT  to  turn  this  around? 

First,  we  were  profitable  last  year  on 
an  EBITDA  [earnings  before  interest, 
taxes,  depreciation  and  amortization] 
basis.  We  made  $2.4  million,  and  I  told 
the  Street  that  [in  2007]  we’ll  make 
$9  million  or  $10  million. 

This  is  all  about  driving  margins  and 
driving  sales,  cutting  costs  and  provid¬ 
ing  great  service.  This  year  what  has 
really  made  a  difference  is  we’ve  added 
alternative  payment  options.  That  was 
a  big  technology  project.  We’ve  added 
drop-ship,  which  gives  us  the  capabil¬ 
ity  to  carry  7,000  more  SKUs  that  we 


don’t  have  to  store  in  a  warehouse.  We 
drop-ship  them  from  the  manufac¬ 
turer.  We  put  in  a  new  internal  search 
tool,  which  is  helping  customers  find 
things.  When  we  added  7,000  SKUs, 
we  had  to  make  sure  customers  would 
find  what  they  were  looking  for.  Our 
results  are  because  of  these  big  IT 
projects  that  we’ve  gotten  done.  It’s  a 
credit  to  both  the  business  people  and 
the  IT  people  who  delivered  them.  It’s 
definitely  a  team  effort. 

I  want  to  talk  about  women  in  IT.  Just 
21%  of  computer  science  degrees  go  to 
women  today,  compared  with  37%  in 
1985.  What  impact  does  the  exodus  of 
women  from  computer  science  have  on 
IT  and  on  business  generally?  Anything 
that  limits  the  talent  pool  or  diversity 
of  the  talent  a  company  can  have  is 
bad.  I  don’t  quite  understand  all  the 
reasons  for  women  leaving  IT.  I  don’t 
think  they  find  a  lot  of  role  models  and 
mentors.  I  think  there  are  a  lot  of  pure 
technology  companies  where  the  cul¬ 
ture  has  grown  up  to  be  less  supportive 
to  women. 

It  is  discouraging  to  me  because  I 
think  technology  has  great  potential 
for  women.  A  lot  of  technology  posi¬ 
tions  are  about  synthesis,  collaboration 
and  innovation.  They’re  about  relation¬ 
ships  as  you’re  helping  your  business 
partners  solve  problems.  There  are 
many  women  who  have  very  strong 
skills  in  these  areas,  and  it’s  a  shame 
not  to  leverage  them. 

Technology  is  a  very,  very  interest¬ 
ing  career.  You  get  to  reinvent  yourself 
all  the  time. 

What’s  next  for  you?  Well,  I  have  a  lot  of 
work  to  do  still  here.  But  in  some  ways, 
now  the  fun  can  begin.  We’ve  spent 
the  last  three  years  making  sure  we’re 
profitable,  looking  at  cost  structure, 
changing  businesses  we’re  in  and  of¬ 
fers  in  the  marketplace.  Now  we  can 
take  a  profitable,  growing  base  and 
build  on  it.  We’re  looking  at  broaden¬ 
ing  our  offering  to  adjacent  categories 
and  doing  more  partnerships.  Taking 
a  company  from  $450  million  to 
$1  billion  is  more  fun  than  taking  a 
$350  million  company  and  growing  to 
get  it  profitable,  so  I  still  have  a  lot  of 
work  to  do  here. 

—  Interview  by  Julia  King 
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WHEN  INFORMATION  AVAILABILITY  MATTERS 
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SunGard.  Setting  new  standards  for 
Information  Availability  by  delivering 
a  range  of  solutions  that  meet  your 
specific  availability  objectives.  Flexible 
enterprise  wide  solutions  from  IT 
management  to  AdvancedRecoverySM. 
2,500  experts.  Three  decades  of 
experience.  100%  successful 
recovery  track  record. 

To  see  how  SunGard  can  help 
improve  your  IT  availability  stop 
by  www.availability.sungard.com 
or  call  800-871-5857  today. 


SUNGARD1S2S* 

Availability  Services  1  Connected: 

680  East  Swedesford  Road,  Wayne  PA  19C87 
800-468-7483  |  www.availability.sungard  com 


H  OPINION 


rhomton  A  May 


The  Many  Worlds 
Of  Technology 

OUR  WORLD  has  changed.  On  second  thought, 

make  that  “worlds.”  The  things  technology  execu¬ 
tives  are  supposed  to  handle  have  expanded  expo¬ 
nentially.  Virtualization,  innovation,  globalization 
and  collaboration  now  require  mastery  of  multiple  worlds. 


Here’s  a  rundown  on 
some  of  the  worlds  you 
may  now  find  yourself  in. 

■  The  Cold  War 
brought  us  the  First,  Sec¬ 
ond  and  Third  Worlds. 
There  is  now  a  fourth  — 
the  virtual  world.  Not  so 
long  ago,  IT  leaders  real¬ 
ly  only  had  to  understand 
the  First  World.  This  was 
where  technology  came 
from  and  where  it  was 
deployed.  This  is  no  lon¬ 
ger  the  case.  IT  leaders 
need  to  understand  all 
four  worlds  so  that  they 
can  source  talent  and  de¬ 
liver  IT  services  in  them. 

As  for  those  physical 
worlds,  geography  still 
matters  —  at  least  as  far 
as  IT  spending  patterns 
are  concerned.  IT  spend¬ 
ing  in  the  Asia-Pacific  re¬ 
gion,  Eastern  Europe,  the 
Middle  East  and  Africa 
is  forecast  to  run  three  to 
four  times  higher  than  in 
the  U.S.,  Canada,  Latin 
America  and  Europe  over 
the  next  18  months. 


■  Innovation  has  fun¬ 
damentally  transformed 
and  expanded  IT’s  world 
of  devices.  There  are  a  lot 
more  things  that  we  have 
to  examine,  cost-justify, 
deploy,  manage,  maintain 
and,  eventually,  retire. 
Someday  soon,  vendors 
assure  us,  their  impres¬ 
sively  imagined  product 
road  maps  will  lead  us 

to  a  world  where  a  single 
management  framework 
can  manage  all  of  our 
IT  infrastructure.  We’re 
waiting. 

■  Perhaps  the  most 
challenging  world  fac¬ 
ing  today’s  IT  leader  is 
the  world  of  work.  An  IT 
professional  of  20  years 
ago  would  find  today’s 
IT  work  and  IT  workers 

■  Perhaps  the 
most  challeng¬ 
ing  world  facing 
IT  leaders  is  the 
world  of  work. 


virtually  unrecognizable. 
Where  they  work  is  con¬ 
stantly  changing. 

Look  at  how  much  has 
happened  with  the  home 
office.  Dieringer  Re¬ 
search  Group  estimates 
that  more  than  28  million 
Americans  work  from 
home  at  least  part  of  the 
time.  According  to  the 
American  Home  Furnish¬ 
ings  Alliance,  seven  in 
10  Americans  now  have 
designated  workstations 
in  their  homes.  The 
National  Association 
of  Home  Builders  says 
home  offices  rank  as  the 
fourth  most  important 
feature  for  buyers  of  up¬ 
scale  houses. 

The  relationship  be¬ 
tween  the  people  doing 
the  work  and  the  entities 
for  whom  they  do  it  has 
changed  as  well.  Daniel 
H.  Pink,  author  of  Free 
Agent  Nation  (Business 
Plus,  2002),  estimates 
that  one-fifth  of  the 
people  in  the  U.S.  work¬ 


force  are  self-employed. 
The  typical  IT  workforce 
has  full-time,  part-time, 
contract  and  outsourced 
resources. 

But  these  free  agents 
still  must  be  managed 
and  led.  You  will  have  to 
bring  a  variety  of  formal 
and  informal  perfor¬ 
mance  feedback  tools  to 
bear  in  the  modern  IT 
workplace.  Determining 
salary  and  benefit  levels 
and  managing  advance¬ 
ment  opportunities  are 
much  more  complicated 
for  a  hybrid  labor  pool. 

You  will  have  to  be  a 
“multivational”  leader 
—  one  who  uses  multiple 
motivational  techniques. 
Multivational  leaders  re¬ 
alize  that  each  situation 
requires  a  calibrated  per¬ 
suasion  technique.  The 
multivational  leader  must 
master  and  manipulate 
different  and  overlap¬ 
ping  incentive  systems, 
drawing  on  promotional, 
intellectual,  social  and 
financial  motivators. 

Unlike  in  Earth’s  solar 
system,  the  number  of 
worlds  in  the  IT  solar 
system  keeps  expanding, 
not  contracting  (goodbye, 
planet  Pluto).  How  many 
of  your  worlds  have  you 
mastered?  ■ 

Thornton  A.  May  is  a  long¬ 
time  industry  observer, 
management  consultant 
and  commentator.  You 
can  contact  him  at 
thorntonamay@aol.com. 
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How  to  Protect 
and  Improve 
System  Performance 

The  Top  Ten  Points  to  Know  about  Fragmentation 

■  professionals  are  heroes  of  the  workplace.  Whether  with  cunning  wit  or 
a  Phillip’s  head  screwdriver,  they  solve  most  any  computer  emergency. 
However,  keeping  a  computer  running  at  top  speed  is  usually  preventative 
maintenance  instead  of  last-minute,  adrenaline-surging,  virus-vaccinating  heroics. 


Here  are  10  key  points  to  maintain  peak 
performance  across  any  network: 

1.  The  hard-disk  is  the  slowest  part  of 
any  system.  Say  you  are  operating  a  2.5 

GHz  processor.  That’s 
2.5  billion  opera¬ 
tions  every  second.  A 
large  number  of  hard 
disks  only  spin  at 
7200  rotations  per 
minute,  or  120  cycles 
per  second,  or  120 
Hz.  This  means  your  CPU  is  more  than  20 
million  times  faster  than  the  hard  disk.  The 
hard  disk  still  has  mechanical  components. 
Think  Terminator  2®,  when  a  mechanized 
Schwarzenegger  is  outclassed  by  the  faster, 
smarter  T-1000.  When  the  slowest  part 
of  your  computer  is  making  unnecessary 
reads,  the  entire  system  is  dragged  down. 

2.  Fragmentation  has  severe  effects. 

It’s  more  than  sluggish  and  crawling 
computer  speeds;  fragmentation  leads 
to  crashes,  hangs,  data  errors,  file 
corruption  and  boot-time  failures.  Files  that 
suffer  fragmentation  are  more  difficult  and 
take  longer  to  back  up.  When  systems  are 
thoroughly  defragmented,  they  run  faster 
and  more  reliably — period. 

3.  Real-time  defragmentation  is 
necessary.  Many  companies  rely  on 

24/7,  mission-critical 
servers.  Taking  these 
systems  offline  for 
maintenance  is  not 
an  option.  But,  having 
a  server  with  I/O 
bottlenecks  is  also 
not  an  option.  Only 
real-time,  invisible  defragmentation  fixes 
this  catch-22  situation.  • 

4.  Give  your  systems  faster-than-new 
speeds.  NTFS  best-fit  attempts  for  file 
placement  on  hard  drives  are  limited. 
Diskeeper®  2008  comes  with  a  new 
technology  called  I-FAAST™  (Intelligent 
File  Access  Acceleration  Sequencing 


Technology)1  that  re-sequences  your  files. 
So,  in  addition  to  consolidating  free  space, 
defragmenting  with  Diskeeper  boosts 
access  to  your  most  frequently  used  files 
by  as  much  as  80%.  I-FAAST  gives  systems 
faster-than-new  speeds. 

5.  Servers  are  especially  susceptible. 

While  disk  striping  improves  physical 
I/O  capacity  and  per¬ 
formance,  RAID  and 
SAN  systems  simply 
do  not  fix  fragmenta¬ 
tion  where  it  begins — 
at  the  file  system. 
Enormous  volumes 
with  heavy  read/write 
activity  lead  to  astronomical  fragmentation 
rates,  making  RAID  and  SAN  work  harder 


than  they  should.  The  efficiency  of  RAID 
and  SAN  may  lessen  some  of  the  physical 
effects  of  fragmentation,  but  fragmentation 
is  never  eliminated.  You’ll  need  to  buy  more 
and  more  equipment  to  compensate.  Sooner 
or  later,  the  tortoise  catches  the  hare,  and 
your  system  suffers  I/O  bottlenecks  and 
slow  server  speeds. 

6.  Operate  without  interrupting 
productivity.  The  new  InvisiTasking™ 
technology  makes  software  transparent. 
Diskeeper  2008  with  InvisiTasking  will 
work  invisibly  in  the  background;  only 
using  untapped  resources.  Systems  are 
continually  improved  without  any  manage¬ 
ment  or  impact  on  a  system’s  usability. 

7.  Defragment  despite  minimal  free 
space.  The  purpose  of  defragmentation 
is  to  restore  lost  speed  and  performance. 
A  defrag  engine  must  be  able  to  operate 
in  limited  free  space,  because  drives  with 
extremely  limited  free  space  are  the  ones 
in  need  of  the  most  help.  Diskeeper  2008 


handles  millions  of  fragments  and  can 
function  with  as  little  as  1%  free  space. 

8.  Stop  fragmentation  before  it  happens. 

Diskeeper  2008  comes  with  Frag  Shield™ 
2.0,  a  technology  that  automatically  defends 
against  fragmentation  of  critical  system  files. 
Frag  Shield  2.0  prevents  crash-inducing  frag¬ 
mentation.  It’s  like  Superman®  saving  the 
day — two  days  before  there’s  a  problem. 

9.  Auto-defrag  breathes  life  into 
systems.  It  keeps  systems  at  optimum 
speeds  and  eliminates  fragmentation- 
related  performance  issues.  Thoroughly 
defragging  systems  adds  2-3  years  onto  the 
hardware’s  useful  life.2 

10.  Analyze  your  network’s  performance. 

Poor  performance  on  a  remote  system  can 
easily  be  mistaken  for  a  slow  network.  Get 
Disk  Performance  Analyzer  for  Networks™. 
This  free  utility  scans  networked  systems 
for  fragmentation.  See  for  yourself  how 
fragmentation  is  affecting  your  systems. 
This  groundbreaking  program  will  provide 
comprehensive  reports  on  how  system 
speeds  will  improve  with  thorough  defrag¬ 
mentation.  Visit  www.diskeeper.com/cw2 
and  get  this  free,  must-have  utility. 

Diskeeper  2008  is  the  only  fully- 
automated  defragmentation  program.  It 
operates  invisibly  in  the  background  and  it 
dynamically  adapts  defragmentation  strate¬ 
gies  to  fit  the  needs  of  individual  volumes. 


With  new  defrag  engines,  Diskeeper  2008 
restores  performance  on  volumes  with 
as  little  as  1%  free  space.  Get  rid  of  slows, 
bottlenecks,  and  fragmentation-induced 
crashes.  Visit  www.diskeeper.com/cwl 

1  Available  on  Pro  Premier,  Server  and  EnterpriseServer  editions. 

2See  white  paper  at  www.diskeeper.com/cwpaper 
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with  InvisiTasking ~ 

Diskeeper 

Maximizing  Performance  and  Reliability — Automatically ~ 

Try  it  FREE  for  45  days! 

Download  a  free  trial  at 

www.diskeeper.com/cwl 

(Note:  Special  45-day  trialware  is 
only  available  at  the  above  link) 

Volume  licensing  and  Government/Education  discounts  are 
available  by  calling  800-829-6468,  extension  4415 


When  systems  are  thoroughly  defragmented, 
they  run  faster  and  more  reliably — period. 
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UIDO  SACCHI, 
CIO  and  senior 
vice  president 
of  corporate 
strategies  at 
CompuCredit 
Corp.,  decided  to 
go  with  the  flow. 
He’s  allowing 
Macintoshes  into  the  business  when  the 
requestor  makes  a  valid  business  case. 
“If  they  think  they  can  get  better  pro¬ 
ductivity  on  a  Mac,  so  be  it.  Who  am  I  to 
stop  them?”  he  says. 

Sacchi’s  attitude  is  a  tacit  acknowl¬ 
edgment  that  innovative  technologies 
and  those  offering  “superior  user  expe¬ 
rience”  are  evolving  in  the  home  mar¬ 
ket,  not  the  business  arena.  “The  win¬ 
ning  strategy  is  about  providing  tools 
to  the  users  that  pretty  much  resemble 
what  they’re  doing  at  home,”  he  says. 

This  “consumerization  of  IT”  is 
leading  Apple  Inc.  into  the  enterprise, 
albeit  through  the  back  door,  says 
Gartner  Inc.  analyst  Charles  Smulders. 

But  might  this  also  signal  the  stir¬ 
rings  of  a  bigger  change  —  a  Mac  in¬ 
surrection  at  the  enterprise  level? 

If  there  are  such  stirrings,  they’re  ten¬ 
tative,  and  Apple  doesn’t  seem  to  be  do¬ 
ing  much  to  rally  the  troops.  “We  haven’t 
seen  a  pledge  by  Apple  to  increase  the 
level  of  support  to  the  enterprise,”  says 
Smulders.  “They  continue  to  say  that’s 
not  a  market  that  they’re  focused  on.” 


That  didn’t  stop  Dale  Frantz,  CIO  at 
Auto  Warehousing  Co.,  which  began 
migrating  to  Macs  across  23  locations 
enterprisewide  last  year.  Even  so, 
Apple’s  lack  of  corporate  focus  con¬ 
cerns  him.  “The  biggest  weakness  at 
this  point  I’d  say  is  the  lack  of  a  cohe¬ 
sive  enterprise  strategy  on  the  part  of 
Apple,”  he  says. 

Apple  itself  appears  confused.  Asked 
to  discuss  its  enterprise  strategy  with 
Computerworld,  the  company  vacillated 
for  several  months  but  finally  declined. 
According  to  a  spokesman,  the  compa¬ 
ny  does  support  corporate  customers, 
but  he  declined  to  elaborate  on  Apple’s 
enterprise  strategy. 

Apple  may  also  need  to  keep  its  re¬ 
sources  focused  on  those  core  areas 

—  the  consumer,  education,  creative, 

IT,  science  and  small  business  markets 

—  where  it’s  seeing  rapid  growth.  The 
company’s  strategy  is  simple,  says 
Charles  Edge,  director  of  technology 
at  318  Inc.,  an  IT  consultancy:  “Make  a 
great  computer  that’s  standards-compli- 
ant.  If  enterprises  want  to  use  it,  great, 
but  if  they  don’t,  that’s  fine  too.” 

It  takes  more  than  a  great  product 
to  succeed  as  the  primary  personal 
computing  platform  in  large  busi¬ 
nesses.  “To  go  after  the  major  corpo¬ 
rate  accounts,  you  need  a  savvy  direct 
sales  force  [and]  a  dedicated  service 
organization  to  take  care  of  enterprise 
accounts.  That’s  not  Apple’s  heritage,” 
says  Tim  Bajarin,  president  of  consult¬ 
ing  firm  Creative  Strategies  Inc.  Even 


Why  it  could  happen  in  the 
enterprise.  And  why  it  probably 
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so,  he  says,  “I’m  getting  more  and  more 
questions  about  bringing  Macs  into  the 
enterprise  and  what  it  would  take.” 

Smulders  also  reports  a  rise  in  inqui¬ 
ries  from  enterprise  customers.  The 
increased  interest  is  being  driven  by 
changes  in  what  the  Mac  has  to  offer; 
by  Apple’s  success  in  the  consumer, 
small  business  and  IT  professional 
markets  and  other  niches;  and  by 
broader  trends  in  the  enterprise,  where 
Windows’  grip  on  the  desktop  may  be 
starting  to  loosen  just  a  bit. 

RETHINKING  THE  MAC 

The  Mac  attraction  is  easy  to  under¬ 
stand.  On  the  client  side,  Mac  OS  X  is 
relatively  easy  to  use.  The  addition  of 
new  features  in  the  latest  release,  Leop¬ 
ard,  only  serves  to  burnish  that  reputa¬ 
tion.  Macs  are  considered  more  stable 
than  Windows  PCs,  which  means  fewer 
help  desk  calls,  and  the  machines  cur¬ 
rently  present  fewer  security  problems. 

But  that’s  not  what  has  IT’s  attention. 

The  resurgence  of  interest  in  the 
Mac  is  a  direct  result  of  the  evolution 
of  increasingly  Windows-friendly,  In¬ 
tel  x86-based  Macs  and  the  introduc¬ 
tion  of  Boot  Camp,  which  allows  a  full 
Windows  environment  and  its  comple¬ 
ment  of  applications  to  run  natively  in 
a  separate  hard-drive  partition  on  any 
Mac.  If  Apple’s  earlier  move  to  Intel- 
based  hardware  had  IT  management 
rethinking  the  Mac’s  role,  the  full  inte¬ 
gration  of  Boot  Camp  into  the  Leopard 
release  of  OS  X  has  some  openly  talk¬ 
ing  about  it.  “It  changed  the  game,” 
says  Doug  Standley,  a  consultant  in  the 
technology  innovation  strategies  group 
at  Deloitte  Consulting  LLP. 

Geiger  Brothers  Inc.  already  has  25 
Mac  users  in  its  marketing  group,  but 
Mac  use  could  expand  in  the  future, 
says  Joe  Marshall,  business  analyst  at 
the  promotional  products  company. 

A  few  Macs  use  Parallels  Inc.’s  virtu¬ 
alization  software  to  allow  access  to 
Windows  business  applications,  but 
most  of  Geiger’s  300  PCs  remain  on 
Windows. 

Boot  Camp  is  faster  than  software 
emulation  packages  such  as  Parallels, 
since  Windows  runs  directly  on  the 
hardware  —  and  it’s  free.  Its  integra¬ 
tion  into  Leopard,  Marshall  says,  may 
have  leveled  the  playing  field  at  Geiger 
and  other  companies.  “There’s  a  poten- 


Vista  Worries  Spur 
Mac  Dreams 


DO  YOU  HAVE  CONCERNS 

ABOUT  MIGRATING  TO 
WINDOWS  VISTA? 


BASE:  961  IT  PROFESSIONALS 


OPERATING  SYSTEM 
YOU  WOULD  MOST 
LIKELY  DEPLOY  IN  PLACE 
OF  WINDOWS 


Not  — 
sure:  4°/o 


Other 
Linux:  9°/o 


Base:  The  44°/o  of  the  961  survey 
respondents  who  indicated  that  they 
would  consider  deploying  a 
non-Windows  operating  system  in 
place  of  Vista. 


SOURCE:  E-MAIL  SURVEY  OF  961  IT  PROFESSIONALS 
CONDUCTED  BY  KING  RESEARCH  INC.. 
NOVEMBER  2007,  FOR  KACE  NETWORKS  INC. 


tial  for  Apple  to  make  very  large  gains 
into  the  PC  environment,  and  not  just 
for  graphic  arts,”  he  says. 

On  the  server  side,  the  constellation 
of  Apple  products  —  Xserve,  Leopard 
Server  and  Xsan  —  is  intended  to  serve 
the  small-business  and  departmental 
islands  of  Macs  in  Apple’s  core  mar¬ 
kets.  But  Apple  has  also  beefed  up 
some  features  that  are  important  to 
enterprise  users.  Integration  problems 
with  Microsoft’s  Active  Directory  have 
been  resolved.  Users  can  update  their 
directory  profiles,  and  digital  signing  is 
supported.  The  fact  that  OS  X  is  based 


on  the  open  Unix  operating  system  and 
open  standards  such  as  Samba,  NFS, 
RADIUS  and  LDAP  also  makes  life 
easier  for  administrators. 

With  these  changes,  says  Edge, 

Apple  is  “pushing  toward  bigger  envi¬ 
ronments.” 

LICENSE  TO  SAVE 

On  the  server  side,  Apple  appears  to 
have  a  licensing  cost  advantage.  Its 
software  licensing  model  was  a  primary 
reason  why  Frantz  decided  to  standard¬ 
ize  on  Mac  servers.  Apple  licenses  Leop¬ 
ard  Server  on  a  per-server  basis  —  no 
client  access  licenses  are  required  to 
access  file-sharing,  e-mail,  chat,  shared 
calendars  and  other  basic  features. 

But  Apple  has  little  momentum  in 
larger  organizations.  For  example,  the 
MIT  campus  has  about  3,000  Macs 
but  just  a  few  isolated  Apple  servers. 

It  mostly  uses  Dell  hardware  running 
Windows  or  Linux.  “I  don’t  see  [Apple] 
taking  over  the  data  center  anytime 
soon,”  says  Don  Montabana,  MIT’s  di¬ 
rector  of  client  support  services.  “You 
go  with  what  works.” 

But  Apple’s  success  in  the  home  and 
education  markets  has  led  to  burgeon¬ 
ing  grass-roots  demand  for  Macs  in 
many  organizations,  since  more  and 
more  recent  college  graduates  have  Mac 
backgrounds  these  days.  At  George¬ 
town  University  Law  Center,  nearly 
50%  of  the  students  are  using  Macs,  up 
from  less  than  1%  a  few  years  ago,  says 
CIO  Pablo  Molina.  The  same  phenom¬ 
enon  is  occurring  at  MIT,  where  30% 
of  all  computers  on  campus  are  Macs, 
up  from  20%  last  year.  “This  incredible 
rise  in  the  use  of  Macs  is  going  to  put 
pressure  on  IT  departments  to  support 
Macintosh  PCs,”  Molina  predicts. 

Bajarin  and  Edge  say  their  enterprise 
clients  report  that  some  new  hires  are 
lobbying  for  Macs.  “The  younger  kids 
who  grew  up  on  Macs  are  frustrated 
with  the  tools  they’re  being  given,” 
Bajarin  says. 

“It’s  a  battle  between  corporate  and 
the  end  users  as  to  what  is  deployed,” 
Smulders  says.  But  ultimately,  the 
choice  of  personal  computer  is  not  a 
popularity  contest.  “I  don’t  believe 
we’ve  gotten  to  the  point  where  users 
are  deciding,”  he  says. 

According  to  Standley,  legacy  inte- 
Continued  on  page  32 


38  C0MPUTERW0RLD  FEBRUARY  25,  2008 


!  NETWORKS 


v  ' 

v-  .  \  , 


••  ;  ;  >.  • 


-V- 


■'  -  ?.  . 


i:k 


v  .A 

:  I 

.'is  ■  fe  '■■■{ 


to.  o£ 


"‘Pi/t,  tde’re-  ir\  ^efTous  tfJubU,  euf, newt^S 

Jkn'if>eris  fefere!/ cufiiny  ink  dur  ffifits  by 
fccttm  all  the  uiorlds  nr&fable  nefuisrfc." 


■ 


»  Troubled  by  evolving  network  threats?  As  you  open  up  the  network  to  more  users 
and  deploy  newer  apps  and  business  initiatives,  your  security  should  keep  pace. 
Only  Juniper  Networks  gives  you  unprecedented  protection  from  attacks  while 
providing  visibility  across  the  network.  So  defend  against  application-layer  threats 
and  minimize  downtime.  Deliver  valuable  assets  to  a  wider  base  of  users.  Adhere 
to  regulatory  compliance  requirements. 

Juniper’s  broad  security  portfolio  lets  you  leverage  the  network  in  new  ways,  to  achieve 
greater  business  goals.  The  switch  is  on  to  Juniper  Networks:  www.juniper.net/secure 
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gration  and  the  associated  conversion 
costs  are  the  primary  factors  keeping 
Macs  out  of  the  enterprise.  But  those 
issues  may  be  fading.  As  the  adoption 
of  Web  technologies  and  virtualization 
increases,  PC  hardware  and  operat¬ 
ing  system  are  increasingly  being  ab¬ 
stracted  away  from  existing  enterprise 
applications,  which  have  traditionally 
been  closely  aligned  with  Microsoft 
Windows.  That  has  created  a  small 
opening  for  alternative  platforms  such 
as  the  Mac. 

Some  programs  are  being  rewritten 
as  Web-based  applications;  others  have 
been  moved  to  virtual  environments 
such  as  Citrix  Presentation  Server. 

The  latter  execute  the  user’s  applica¬ 
tions  on  back-end  servers  and  require 
only  a  browser  plug-in  on  the  client  for 
full  access.  Geiger  Brothers’  IT  staff 
recently  rewrote  a  shipping  application 
to  support  a  Web  front  end  —  the  com¬ 
pany’s  new  standard.  “Anything  new  is 
being  coded  to  a  browser  as  opposed  to 
[Windows],  for  cross-platform  compat¬ 
ibility,”  says  Marshall. 

Eventually,  as  the  corporate  PC 
environment  becomes  fully  virtual¬ 
ized,  employers  won’t  worry  about  the 
underlying  hardware  and  operating 
system.  But,  says  Smulders,  “we’re  still 
a  few  years  away  from  that.” 

BACK  TO  REALITY 

Despite  the  Mac’s  promise,  it  still  falls 
short  for  broad  enterprise  adoption 
today.  For  Sacchi,  supportability  and 
total  cost  of  ownership  are  deal-killers. 
“Can  Apple  make  the  case  for  them¬ 
selves,  understand  all  of  the  CIO  issues 
and  help  me  solve  them?”  For  now,  he 
says,  the  answer  is  no. 

Usually,  Macs  are  more  expensive 
when  the  purchase  price  and  cost  of 
support  are  factored  in,  Sacchi  says. 

So  although  he’s  allowing  Macs  in,  he 
hasn’t  changed  his  plans.  “Because  of 
the  higher  costs  in  an  enterprise-level 
deployment,  you  have  to  have  a  justifi¬ 
cation  in  productivity.  Right  now,  I  see 
that  only  in  specific  niches,”  he  says. 

Smulders  cautions  that  problems  yet 
to  be  addressed  include  lagging  sup¬ 
port  from  middleware  and  enterprise 
software  vendors,  the  complexities  of 
adding  another  client  hardware  and 
software  platform  to  the  mix,  and  the 
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lack  of  a  second  source  for  system 
hardware  and  parts. 

MIT’s  Montabana  confirms  the  first 
point.  “The  piece  that’s  left  is  to  get  all 
of  the  ERP  packages  compatible  with 
the  Mac,”  he  says.  “For  Oracle,  SAP  and 
[other  enterprise  software],  the  Mac 
clients  always  lag  behind.” 

Configuring  Macs  to  support  Win¬ 
dows  also  adds  complexity  to  the  envi¬ 
ronment,  with  two  operating  systems 
and  possibly  emulation  software  to 
support.  Boot  Camp  and  virtualization 
software  are  a  good  interim  solution 
for  small  groups  of  Mac  users  that  need 
access  to  a  few  Windows  applications, 
but  Molina  doesn’t  see  that  as  a  long¬ 
term  strategy  for  larger  populations. 

Edge  recommends  using  Citrix  Pre¬ 
sentation  Server,  rather  than  relying  on 
Boot  Camp  or  emulation  software  such 
as  Parallels  or  VMware  Fusion.  “It’s  a 
lot  cheaper  to  buy  an  Active  Directory 
license  and  a  Citrix  license  than  to  buy 
a  copy  of  Parallels  and  XP  or  Vista  and 
a  copy  of  the  application,”  he  says. 

But  companies  with  enterprise  licens¬ 
ing  agreements  don’t  have  to  worry 
about  extra  Windows  licenses  because 
they’ve  already  paid  for  them,  says  Mar¬ 
shall.  But  Parallels  does  represent  an 
incremental  licensing  expense;  it  costs 
$80  per  Mac  before  volume  discounts. 

Still,  that’s  not  Molina’s  point.  “It’s 
not  the  cost  but  the  complexity  of 
maintaining  all  of  those  environments. 
I  don’t  see  that  as  a  viable  mainstream 
option.  You  either  stay  in  Windows  or 
you  switch  to  Macs,”  he  says. 


Another  concern  is  that  Apple  has 
sometimes  had  trouble  meeting  de¬ 
mand  for  equipment  and  parts.  And  its 
forays  into  licensing  its  hardware  to 
third  parties  —  first  with  the  Mac  and 
more  recently  with  its  iPod  —  have  not 
fared  well. 

Sacchi  says  finding  an  alternative 
source  for  parts  is  not  a  big  deal  for  one 
department  with  a  few  Macs.  “But  if 
somebody  is  thinking  about  a  complete 
enterprise  replacement,  that  would  be  a 
concern,”  he  adds. 

When  deploying  Macs  at  scale,  IT 
can’t  afford  to  be  held  hostage  to  a 
single  vendor’s  supply  chain  prob¬ 
lems.  “Compared  to  where  they  were 
five  years  ago,  [Apple’s]  supply  chain 
and  manufacturing  is  much  tighter,” 
Bajarin  says.  But  MIT  is  experiencing 
problems  right  now.  “Getting  parts 
from  Apple  can  be  a  very,  very  difficult 
process.  It  can  take  weeks,”  Monta¬ 
bana  says.  In  contrast,  his  PC  vendors 
deliver  parts  the  next  business  day. 

Service  and  support  are  also  hurdles. 
“You’re  transferring  to  a  platform  from 
a  vendor  that’s  not  committed  to  sup¬ 
porting  large  enterprise  needs.  From 
what  we’ve  seen,  the  tools  available 
and  the  support  are  not  enterprise- 
class,”  Smulders  says. 

“In  my  mind,  the  service  level  has 
dropped  from  what  it  used  to  be,”  says 
Jim  Quinlan,  president  of  sporting 
goods  retailer  Jax  Inc.  in  Fort  Collins, 
Colo.,  which  runs  its  business  on  Mac 
hardware  and  software.  With  no  local 
Apple  reseller,  Jax  must  ship  equip¬ 
ment  back  to  Apple  for  service.  If  he 
can’t  wait,  he  must  travel  70  miles  to 
the  nearest  Apple  store. 

Edge  points  out  that  Apple  offers  en¬ 
hanced  support  for  larger  customers, 
but  the  $50,000  price  tag  is  high. 

Quinlan  doesn’t  plan  to  abandon  the 
Mac.  He  says  he  has  had  no  virus  prob¬ 
lems,  the  intuitive  interface  creates 
fewer  support  issues,  and  the  hardware 
has  been  reliable.  But  most  large  busi¬ 
nesses  will  likely  remain  insurrection- 
free  for  the  foreseeable  future.  “I  don’t 
think  you’ll  see  a  significant  penetra¬ 
tion  into  the  enterprise  until  Apple 
makes  the  strategic  decision  to  go  after 
that,”  says  Bajarin. 

On  the  other  hand,  if  Apple  contin¬ 
ues  to  see  more  interest  at  the  IT  level, 
he  says,  “they’ll  adjust.”  ■ 
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Get  the  full  story  in  one  easy  dick.  Visit  hp.com/go/storageutopia2 
1-888-490-8043 


TEN  EASY  STEPS 

IS  FIVE  TOO  MANY. 

Being  a  storage  expert  isn't  just  for  the  experts  anymore. 
The  HP  StorageWorks  1  200  All-in-One  Storage  System  is 
simple  to  use  and  can  be  implemented  in  less  than  ten 
mouse  clicks.  It's  the  first  storage  area  network  designed 
for  almost  everyone. 

Technology  for  better  business  outcomes. 
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HP  StorageWorks  1200  All-in-One  Storage  System 

Integrated  file  serving,  data  protection  and  application  data  storage  in  a  single, 
affordable  system 

•  Dual-Core  Intel”  Xeon 4  Processor1 

•  Microsoft  Windows  Storage  Server  2003  R2 

•  Up  to  9  TB  Capacity 
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eye,”  Curt  says.  But  because  people 
were  happy  to  get  back  on  a  system 
that  worked  and  he  was  able  to  cover 
the  $1  million  through  savings  in  other 
areas  of  IT,  “the  consequences  in  this 
case  were  minimal,”  he  says. 

But  he  learned  a  valuable  lesson: 

“If  you’re  going  to  be  first,  get  lots  of 
assurances,  understand  where  you’re 
at,  and  that  [vendors]  need  to  give  you 
extra  services  at  their  cost  —  which 
wasn’t  the  case  with  me.”  The  experi¬ 
ence  didn’t  sour  Curt  on  risk-taking, 
though.  He  is  currently  managing 
partner  at  Alpharetta,  Ga.-based  CIO 
Services  LLC,  a  company  he  started. 

BETTING  ON  HUMOR 

hen  Eileen  Strider  was 
vice  president  of  IT  at 
a  large  insurance  com¬ 
pany,  a  planned  consoli¬ 
dation  of  several  data  centers  didn’t 
go  smoothly.  The  company  president 
asked  Strider  to  explain  the  situation 
to  the  unhappy  business  people  at  an 
annual  sales  force  meeting.  Strider 
knew  the  usual  PowerPoint  presenta¬ 
tion  wouldn’t  go  over  well  with  that 
audience. 

“They  didn’t  really  want  to  know 
the  technical  details,  so  I  was  trying  to 
figure  out  how  to  do  this  without  mak¬ 
ing  it  sound  like  I  was  blaming  other 
people,”  she  says. 

She  decided  to  take  a  risk  and  use 
humor  to  explain  —  and  diffuse  —  the 
tense  situation.  “I  could  have  totally 
bombed,”  she  says.  “But  my  intuition 
was  strongly  telling  me  to  do  this,  that 
it  would  be  OK.  And  it  couldn’t  be 
worse  than  boring  them  with  Power¬ 
Point  and  having  them  walk  away  say¬ 
ing,  ‘I  still  don’t  understand.’  ” 

She  dressed  for  her  presentation 
in  a  bulletproof  vest,  lightening  the 
atmosphere  immediately.  She  used  a 
volunteer  from  the  audience  to  portray 
the  fragile  application  that  had  to  be 
moved  to  Chicago.  She  piled  him  up 
with  a  huge  stack  of  three-ring  binders 
and  added  multiple  bright  pink  Post- 
its  to  represent  the  policies,  patches 
and  fixes  made  to  the  system  over  the 
years.  Then  she  used  a  rubber  coil  to 
link  him  with  another  volunteer,  who 
played  a  new  system  that  ran  the  ap- 


Assessina  Risk: 


Lauren  Mackler,  a  personal  and  executive 
coach  at  Lauren  Mackler  &  Associates  LLC 
in  Newton,  Mass.,  and  co-author  of  Speaking 
of  Success  (Insight  Publishing,  2007),  has  a 
simple  system  to  help  assess  risk. 

1  Write  a  list  of  pros  and  cons  regarding  the 
action  you  are  contemplating. 


2  Assign  each  a  rank  from  1  (lowest  poten¬ 
tial  benefit/harm)  to  10  (highest  potential 
benefit/harm). 

Add  the  scores  to  find  out  whether  pros  or 
cons  dominate. 


“The  pros-and-cons  exercise  puts  out  in 
front  of  you  where  your  values  are,”  Mackler 
says.  “It  really  makes  you  think  about  your 
priorities.” 

-  Mary  K.  Pratt 

plication,  and  she  had  them  attempt  to 
shuffle  together  toward  another  volun¬ 
teer  who  represented  Chicago. 

Strider’s  risk  helped  her  audience 
understand  why  the  move  had  been 
rocky.  It  improved  IT’s  image  and 
enabled  everyone  to  lighten  up.  She 
is  now  president  of  consulting  firm 
Strider  &  Cline  Inc.  in  Kansas  City, 
Mo.,  which  she  co-founded. 

THE  FUTURE  IS  NOW 

n  the  early  1980s,  Kavin  Moody 
was  18  months  into  his  job  as  a 
systems  planner  for  sales  and 
marketing  at  The  Gillette  Co.  He 
proposed  building  a  system  to  extract 
information  from  the  operational  sys¬ 
tem  and  feed  it  into  a  different  environ¬ 
ment,  where  it  could  be  analyzed  and 
combined  with  much  better  report¬ 
writing  capabilities. 

In  short,  Moody  wanted  to  build  a 
business  intelligence  system,  but  this' 
was  years  before  anyone  had  put  that 
name  on  it. 

“It  was  criticized  by  the  IT  people  as 
being  redundant,”  Moody  says.  “And  if 
it  had  failed,  I  would  have  been  gone; 
no  question  about  it.  But  it  was  the 
right  thing  to  do.  I  knew  it  would  have 
a  big  impact,  and  I  felt  obligated  to  the 
business  managers  who  hired  me.” 

He  worked  hard  to  get  the  CIO,  an 
IT  director  and  a  sales  division  leader 
on  board.  Then  he  found  money  in  the 


existing  budget  to  build  a  prototype, 
which  he  used  to  convince  the  sales 
department  to  invest  in  the  project.  In 
the  end,  the  project  not  only  succeeded 
but  also  eventually  expanded  into  a 
multidivisional  system. 

The  success  propelled  Moody  to 
build  and  lead  the  systems  research 
department.  That  role  put  him  on  the 
path  to  CIO,  a  position  he  held  at  Gil¬ 
lette  for  five  years.  Today,  Moody  is 
executive  director  at  the  Center  for 
Information  Management  Studies,  a 
forum  for  IT  management  issues  at 
Babson  College  in  Wellesley,  Mass. 

LEAP  OF  FAITH 

aomi  Karten  remembers 
colleagues  telling  her  that 
she’d  make  a  good  consul¬ 
tant.  But  at  the  time,  she 
was  an  IT  manager  at  a  national  insur¬ 
ance  company,  where  she  had  job  se¬ 
curity.  And  in  1984,  job  security  meant 
something.  The  idea  of  going  out  on 
her  own  wasn’t  on  her  radar  screen. 

Then,  a  few  things  got  her  thinking. 
She  facilitated  consensus-building  be¬ 
tween  two  camps  that  were  bumping 
heads.  She  realized  she  didn’t  like  the 
company’s  “toxic”  work  environment, 
and  she  wasn’t  inspired  by  the  thought 
of  going  somewhere  else  and  doing 
more  of  the  same. 

The  idea  of  becoming  a  consultant 
clicked,  and  she  made  the  leap,  giving 
herself  just  one  year  to  succeed. 

“The  idea  of  working  without  a  boss 
or  the  security  of  a  job  was  outside  the 
scope  of  anything  I  had  ever  conceived 
of,”  Karten  recalls. 

She  learned  as  she  went.  “Some¬ 
times,  what  you  don’t  know  can  help 
you,”  Karten  says,  explaining  that  if 
she  had  known  then  what  it  took  to  run 
a  consulting  business,  “it  would  have 
been  overwhelming.” 

Networking  and  serendipity  helped 
her  build  her  business,  and  today  she  is 
principal  at  Karten  Associates  in  Ran¬ 
dolph,  Mass.  “Often,  we  are  capable  of 
so  much  more  than  we  give  ourselves 
credit  for,”  she  says.  “It’s  only  by  taking 
a  chance  that  we  find  out  what  we’re 
made  of.”  ■ 

Pratt  is  a  Computerworld  contributing 
writer  in  Waltham,  Mass.  Contact  her  at 
marykpratt@verizon.net. 
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For  complete  details,  or  to  register:  www.snwusa.com 


Attend  the  leading  conference  for  IT  managers, 
storage  architects  and  infrastructure  professionals. 


Storage  Networking  World-the  world’s  largest  and  foremost 
storage  networking  event-is  where  IT  management  and 
professionals  learn,  network  and  maximize  their  company’s 
storage  capabilities. 

At  SNW,  you  can  choose  from  over  1 40  educational  sessions 
and  network  with  peers  from  around  the  globe-plus  visit 
with  top  solutions  providers  in  the  world’s  largest  Expo, 
Tech-Edge  Zone  and  Hands-on  Lab  focused  on  storage. 
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Laura  Campbell 


Ms.  Campbell  is  director  of 
the  National  Digital  Library  of 
the  Library  of  Congress,  in 
which  capacity  she  has  led  a 
cooperative  national  effort  to 
digitize  and  make  available 
electronically  important  and 
interesting  documents  of 
America's  history  and. culture 
from  libraries  and  archival 
institutions  throughout  the 
country.  NDL  has  put  in  place 
the  award-winning  American 
Memory  Web  site  that  is  the 
cornerstone  of  the  Library's 
online  information  service 
for  the  nation. 
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Ray  Kurzweil 


As  the  founder,  Chairman  and 
Chief  Executive  Officer  of 
Kurzweil  Technologies,  Inc., 
Ray  Kurzweil  has  been 
described  as  “the  restless 
genius"  by  the  Wall  Street 
Journal,  and  "the  ultimate 
thinking  machine"  by  Forbes. 
Inc.  magazine  ranked  him  #8 
among  entrepreneurs  in  the 
United  States,  calling  him  the 
“rightful  heir  to  Thomas 
Edison,"  and  PBS  included  Ray 
as  one  of  16  “revolutionaries 
who  made  America,"  along  with 
other  inventors  of  the  past 
two  centuries. 
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Storage  Networking 
Orlando. 

April  7-10,  2008 

Rosen  Shingle  Creek  Resort 

Orlando,  Florida 
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■  SECURITY 


Recently,  Fallon 
Community 
Health  Plan, 
OmniAmeri- 
can  Bank  and 
T.  Rowe  Price  Group  Inc. 
joined  the  never-ending 
parade  of  organizations 
disclosing  security  breaches 
that  have  resulted  in  the 
potential  compromise  of 
personal  data. 

Last  month,  the  retire¬ 
ment  services  group  at 
Baltimore-based  investment 
firm  T.  Rowe  Price  began 
notifying  about  35,000  cur¬ 
rent  and  former  participants 
in  several  hundred  plans 
that  their  names  and  Social 
Security  numbers  might 
have  been  compromised. 

A  spokesman  said  that 
the  possible  breach  resulted 
from  the  theft  last  Decem¬ 
ber  of  computers  containing 
the  data  from  the  offices 
of  a  third-party  services 
provider  that  was  preparing 
tax-related  forms  on  behalf 
of  T.  Rowe  Price. 

A  similar  laptop  theft 
in  December  may  have 
compromised  some  per¬ 
sonal  and  health  care  data  of 
29,800  members  of  Fallon, 
a  Worcester,  Mass.-based 
health  care  provider  and  in¬ 
surer.  A  spokesman  said  that 
the  laptop  was  stolen  from  a 
third-party  service  provider 
and  that  the  data  stored  on 
the  system  doesn’t  appear  to 


Hacks,  Heists 
And  Breaches: 
The  Security 
Hall  of  Shame 


Last  year’s  five  biggest  losers 
offer  cautionary  tales. 

By  Jaikumar  Vijayan 


have  been  encrypted  or 
password-protected. 

In  a  third  incident  to 
make  the  news  last  month, 
Fort  Worth,  Texas-based 
OmniAmerican  said  that  it 
had  been  forced  to  impose 
unspecified  restrictions  on 
ATM  and  debit  card  trans¬ 
actions  after  hackers  broke 
into  its  systems.  The  bank 


didn’t  disclose  the  number 
of  cards  being  blocked  and 
reissued.  But  the  Fort  Worth 
Star-Telegram  newspaper 
quoted  OmniAmerican’s 
president  as  saying  that  the 
bank  was  reissuing  about 
40,000  cards. 

But  these  latest  incidents 
seem  mere  peccadillos  when 
compared  with  the  truly 


sensational  hacks,  heists  and 
breaches  that  have  taken 
place  over  the  past  year  or 
so.  Here  are  our  nominees 
for  the  Security  Hall  of 
Shame’s  five  worst  breaches 
of  2007,  in  ascending  order. 


5Monster.com 

Names,  e-mail  and 
home  addresses,  phone 
numbers  and  resume  IDs 
of  an  estimated  1.6  million 
job  seekers  were  accessed 
from  Monster.com’s  resume 
database  in  August.  Though 
widely  described  as  a  hack¬ 
ing,  the  information  was  ac¬ 
tually  accessed  by  attackers 
using  legitimate  usernames 
and  passwords,  most  likely 
stolen  from  professional 
recruiters  and  human  re¬ 
sources  personnel  who  were 
using  Monster.com  to  look 
for  job  candidates.  No  Social 
Security  numbers  or  finan¬ 
cial  data  was  compromised. 


4TD  Ameritrade 
Holding  Corp. 

Brokerage  firm 
Ameritrade  disclosed  in 
September  that  someone 
had  broken  into  one  of  its 
systems  and  stolen  contact 
information  such  as  names, 
addresses  and  phone  num¬ 
bers  belonging  to  its  more 
than  6.2  million  retail  and 
institutional  customers. 
Social  Security  and  account 
numbers  in  the  same  data- 


Throw  Away  Half  Your  Disk  Drives 


We  encourage  you  to  reuse  or  recycle.  Learn  more  at:  www.eiae.org 


base  appeared  to  have  been 
left  untouched,  the  company 
said.  The  stolen  data  was  ap¬ 
parently  used  to  send  stock- 
related  spam. 

3  Fidelity  National  Infor¬ 
mation  Services  Inc. 

Personal  information 
on  more  than  8.5  million  in¬ 
dividuals  was  compromised 
when  a  senior  database 


administrator  working  at 
Certegy  Check  Services 
Inc.,  a  subsidiary  of  Fidelity 
National,  illegally  down¬ 
loaded  the  data  and  sold  it 
to  brokers.  Fidelity  National, 
which  is  separate  from  the 
better  known  Fidelity  In¬ 
vestments,  said  in  July  that 
2.5  million  records  had  been 
compromised,  but  it  later 
quietly  upped  the  number  in 


filings  with  the  U.S.  Securi¬ 
ties  and  Exchange  Commis¬ 
sion.  The  company  says  that 
the  stolen  data  appears  to 
have  been  resold  primarily 
for  direct  marketing  pur¬ 
poses  rather  than  financial 
fraud. 
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HM  Revenue  &  Customs 

In  November,  the 
U.K.’s  tax  agency 


The  Foot-Shooter  Awards 


Among  other  notable  meltdowns 
were  these  self-imposed  crises: 

■  DHS  creates  its  own 
DDoS  attack.  Thousands  of 
security  professionals  subscribing 
to  a  daily  news  roundup  e-mailed 
by  the  U.S.  Department  of  Home¬ 
land  Security  found  their  in¬ 
boxes  clogged  with  mail  from  one 
another,  thanks  to  an  apparent 
technical  oversight  by  an  e-mail 
administrator  working  for  a  DHS 
contractor.  The  October  cascade 
kicked  off  when  one  subscriber 
sent  a  reply  to  the  list  administra¬ 
tor  with  a  change  request.  That 
e-mail  was  automatically  re-sent 
to  all  of  the  list  subscribers. 

Within  hours,  dozens  of  sub¬ 
scribers  had  replied  to  the  original 
mail.  Each  response  was  in  turn 
sent  to  all  of  the  other  subscribers 
on  the  list,  and  so  on.  By  the  end 
of  the  day,  more  than  2  million 
messages  had  been  generated, 
creating,  in  effect,  a  miniature  dis¬ 


tributed  denial-of-service  attack. 

■  Symantec  crashes 
China.  A  signature  update  to  Sy¬ 
mantec  Corp.’s  antivirus  software 
in  May  crippled  thousands  of  PCs 
in  China.  The  software  identified 
two  critical  system  files  of  the 
Chinese  edition  of  Windows  XP 
Service  Pack  2  as  Trojan  horses 
and  quarantined  them,  causing 
widespread  crashes.  Making 
matters  worse,  those  specific 
files  were  required  in  order  to 
start  affected  systems  in 
Safe  Mode,  ensuring 
all-but-total  shutdown 
and  drawing  howls  of 
protest  from  the  blogo 
sphere. 

■  House  outs 
whistle-blowers.  In  Octo¬ 
ber,  the  House  Judiciary  Commit¬ 
tee  had  to  apologize  to  dozens  of 
whistle-blowers  for  accidentally 
exposing  their  e-mail  addresses 
to  other  individuals  who,  like 


them,  had  used  a  committee 
Web  site  to  secretly  submit  tips 
about  alleged  abuses  at  the  U.S. 
Department  of  Justice.  The  snafu 
came  about  when  one  of  the 
committee’s  clerical  employees 
accidentally  included  the  e-mail 
addresses  of  all  the  whistle-blow¬ 
ers  in  the  “To”  field  of  a  message 
sent  out  to  each  tipster. 

■  Microsoft  sees  pirates 
-  everywhere.  In  August,  an 
unspecified  server  error  at  Micro¬ 
soft  Corp.  resulted  in  many  pay¬ 
ing  users  of  the  company’s 
Vista  and  XP  systems  be¬ 
ing  mistakenly  identified 
as  pirates  by  Microsoft's 
indows  Genuine  Ad¬ 
vantage  software  validation 
system.  The  problem  lasted  for 
19  hours,  during  which  time  frus¬ 
trated  users  lost  some  features 
that  they  could  get  back  only  after 
revalidating  themselves. 

-  JAIKUMAR  VIJAYAN 


disclosed  that  it  had  lost 
unencrypted  disks  contain¬ 
ing  personal  information  on 
25  million  juvenile  benefits 
claimants.  The  disks  dis¬ 
appeared  in  transit  to  the 
U.K.  National  Audit  Office. 
They  included  bank  details 
and  national  ID  numbers. 
Analyst  firm  Gartner  Inc. 
predicted  that  the  closure 
of  compromised  accounts 
and  the  establishment  of 
new  ones  could  cost  British 
banks  about  $500  million. 

IThe  TJX  Companies  Inc. 

The  booby  prize  goes 
to  Framingham,  Mass.- 
based  retailer  TJX.  Early 
last  year  (several  months  af¬ 
ter  the  fact),  it  disclosed  the 
biggest  breach  ever  involv¬ 
ing  payment  card  data. 

TJX  claimed  that  more 
than  45.6  million  customer 
cards  were  compromised 
in  an  intrusion  that  went 
undetected  for  more  than  18 
months.  But  banks  suing  the 
company  put  the  number 
of  cards  involved  at  94  mil¬ 
lion.  The  breach  prompted 
numerous  lawsuits  and  calls 
for  stronger  data-protection 
laws  —  and,  unfortunately, 
engendered  a  spate  of  fraud¬ 
ulent  card  use. 

By  its  own  estimates,  TJX 
has  already  spent  or  set 
aside  close  to  $250  million 
for  costs  stemming  from  the 
incident.  ■ 
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■  SECURITY  MANAGER’S  JOURNAL  I  C.J.  KELLY 


A  Chance  to  Hire 
Causes  Some  Angst 

Now  that  she  has  approval  to  fill  an  empty 
slot,  our  manager  wonders  whether  quali¬ 
fied  security  engineers  will  want  the  job. 


ORKING 
for  a  state 
government 
certainly 
has  its  ups  and  downs,  and 
I’ve  been  down  now  for  a 
long  while.  I’ve  told  you 
about  the  state’s  budget 
cuts  and  hiring  freeze  and 
about  my  department’s 
chronic  understaffing.  We 
were  overdue  for  some 
good  news,  and  I  finally 
got  some. 

The  word  came  down 
from  on  high  that  we  can 
hire  someone  to  fill  a  po¬ 
sition  in  my  department 
that  has  been  open  for 
months.  I  certainly  felt 
good  about  that.  We’ve  all 
been  crunched  for  time 
in  the  department,  with 
projects  falling  way  behind 
schedule.  I’ve  had  so  much 
on  my  plate  that  I’ve  been 
feeling  as  if  I’m  not  really 
accomplishing  anything. 

A  LONG  WISH  LIST 

But  as  one  songwriter  said, 
just  when  you’re  thinking 
you’ve  finally  got  it  made, 
bad  news  comes  knocking 
at  the  garden  gate.  Unfor¬ 
tunately,  the  downside  has 
already  made  its  presence 
felt. 

Over  these  past  few 
months,  I  have  had  a  lot  of 


time  to  think  about  what 
kind  of  person  I  want  to  fill 
that  position.  I  don’t  need 
another  network,  Windows 
or  help  desk  person.  I  need 
a  security  engineer.  But 
the  kind  of  person  I  want 
is  not  going  to  work  for  the 
salary  the  state  is  able  and 
willing  to  offer. 

I  need  someone  who  has 
Cisco  security  experience; 
someone  who  is  familiar 
with  PIX/ASA  firewalls, 
VPN  configurations, 
intrusion-detection  and 
-prevention  devices  and 
the  Cisco  MARS  event- 
correlation  appliance; 
someone  who  understands 
why  NetFlow  data  is  im¬ 
portant.  I  need  someone 
who  can  see  the  big  picture 
and  who  fully  compre¬ 
hends  why  we  have  to  do 
things  the  way  we  do.  It’s  a 
tall  order,  and  the  state  hir¬ 
ing  system  works  against 
filling  it. 

In  this  state  government, 
a  person’s  demonstrated 


Rl  I  won’t  find  any¬ 
one  at  all  if  I  dent 
follow  the  state’s 
Byzantine  regula¬ 
tions  for  hiring 
new  employees. 


skills  are  pretty  much  ir¬ 
relevant  in  determining 
salary.  What  matters  is  the 
grade  level  of  the  position. 
That  grade  level  has  an 
associated  pay  range,  and 
there  is  no  variance. 

So,  here  I  am  with  an  im¬ 
possible  task.  I  want  to  hire 
someone  with  top-flight 
skills  for  very  little  pay.  I’m 
left  to  hope  that  someone 
within  the  state  system 
has  been  looking  for  an  op¬ 
portunity  to  move  up  the 
ladder  —  someone  who 
already  possesses  the  skills 
we  need  but  hasn’t  been 
recognized  for  them. 


Trouble 

Ticket 


AT  ISSUE:  The  state’s 
pay  structure  works 
against  hiring  people 
with  needed  skills. 

ACTION  PLAN:  Hope  for 
the  best  and  plan  for  the 
worst. 


filling  out  endless  paper¬ 
work.  I’m  assured  that 
each  piece  of  paper  serves 
a  specific  purpose,  though 
no  one  seems  able  to  tell 
me  just  what  those  pur¬ 
poses  are. 

This  process  will  take 
months,  so  the  sooner  I 
hunker  down  and  fill  out 
the  initial  forms,  the  soon¬ 
er  I’ll  be  able  to  hire  some¬ 
one  —  should  the  right  per¬ 
son  show  up.  In  addition,  I 
have  to  write  an  online  job 
posting,  screen  candidates, 
conduct  interviews  and 
then  fill  out  more  paper¬ 
work  as  we  start  to  narrow 
the  number  of  applicants 
down  to  five. 

My  fallback  plan,  if  I 
can’t  get  the  quality  of 
skills  I’m  looking  for,  is  to 
train  one  or  two  of  my  cur¬ 
rent  employees  to  manage 
the  security  devices. 

I’m  wearing  several  hats 


Or  maybe  I’ll  chance 

right  now;  I’m  the 

upon  someone  in  a  posi- 

IT  manager,  the 

tion  to  follow  my  path  into 

security  man- 
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state  government.  I  moved 

ager  and  the  se- 
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to  this  state  for  family  rea- 

curity  engineer. 

To  join  the  discussion 
about  security,  go  to 

sons  and  took  a  huge  pay 

It’s  too  many 

computerworld.com/ 

cut  to  work  for  the  state. 

roles  for  me  to 

blogs/security. 

be  effective  in 

BURIED  IN  PAPERWORK 

any  of  them.  I  need  to  solve 

Well,  I’ll  just  have  to 

that  problem,  even  though 

keep  my  fingers  crossed. 

doing  so  might  require  me 

I  won’t  find  anyone  at  all 

to  take  on  three  additional 

if  I  don’t  follow  the  state’s 

roles:  mentor,  leader  and 

Byzantine  regulations 

teacher.  ■ 

for  hiring  new  employ- 

This  week’s  journal  is  writ- 

ees.  The  state  personnel 

ten  by  a  real  security  man- 

department  seems  to  take 

ager,  “C.J.  Kelly,”  whose 

some  perverse  delight  in 

name  and  employer  have 

making  everything  an  ex- 

been  disguised  for  obvious 

ercise  in  shuffling  papers. 

reasons.  Contact  her  at 

Hiring  someone  involves 

mscjkelly@yahoo.com. 
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m  OPINION 


Robert  L.  Mitchell 


PC  Virtualization: 
We’re  Almost  There 


THESE  DAYS,  everyone  is  excited  about  the  prom¬ 
ise  of  PC  virtualization,  but  with  so  many  different 
flavors  out  there,  it’s  hard  to  know  where  to  start. 
The  idea  of  reducing  a  fully  functional  corporate 
desktop  into  a  single  file  that  can  be  carried  on  a  USB  disk  and 


run  on  any  PC  is  exciting 
to  users.  But  virtualiza¬ 
tion’s  real  benefit  lies  in  its 
potential  to  reduce  man¬ 
agement  and  support  bur¬ 
dens,  improve  security  and 
reliability,  and  lower  total 
cost  of  ownership. 

We’re  not  there  yet.  Fig¬ 
uring  out  how  to  deploy 
the  right  mix  of  desktop 
virtualization  technolo¬ 
gies  at  scale,  and  how  to 
manage  across  all  of  those 
virtual  environments,  will 
be  the  big  nut  to  crack  in 
2008.  For  most  enterpris¬ 
es,  this  will  be  a  year  to 
test  and  experiment  with 
smaller  rollouts. 

We’ve  come  a  long  way 
since  desktop  virtualiza¬ 
tion  meant  using  thin 
clients  that  interacted 
with  Windows  applica¬ 
tions  running  on  a  Citrix 
MetaFrame  back  end. 
Today,  you  can  virtualize 
individual  Windows  ap¬ 
plications  (think  Softric- 
ity)  or  entire  virtual  PCs 
(VMware  ACE),  and  you 
can  choose  between  hav¬ 
ing  virtual  environments 
execute  on  the  PC  or  on 


back-end  hardware  (Citrix 
Xen  Desktop,  Presenta¬ 
tion  Server).  For  virtual 
environments  that  execute 
on  the  PC,  some  products 
(Kidaro,  Moka5)  allow 
streaming  of  centrally 
managed  virtual  machine 
images  and  updates  down 
to  the  client.  Kidaro  adds 
a  management  wrapper 
around  the  virtual  PC  that 
includes  tight  security 
controls  to  allow  it  to  run 
securely  on  unmanaged 
Windows  PCs. 

But  desktop  virtualiza¬ 
tion  is  not  a  one-size-fits- 
all  proposition.  Not  only 
do  you  need  to  choose  a 
variety  of  products  for  dif¬ 
ferent  needs,  but  in  some 
situations,  you  might  need 
to  deploy  virtualization  in 
layers.  For  example,  you 
can  issue  a  plug-and-play 
VMware  ACE  virtual  PC 
that  includes  its  own  in¬ 
stance  of  Windows,  and 

n  Desktop 
virtualization  is 
not  a  one-size- 
fits-all  proposition. 


then  use  an  application 
virtualization  product  like 
Softricity  to  create  indi¬ 
vidually  isolated,  virtual¬ 
ized  Windows  application 
instances  running  within 
that  environment.  There 
are  good  reasons  why  you 
might  want  to  do  that,  but 
that’s  also  a  lot  of  complex¬ 
ity  to  manage. 

Application  virtualiza¬ 
tion  products  are  needed 
because  they  redress  a 
core  failure  of  Windows: 
the  inability  to  control 
misbehaving  application 
installs  that  create  registry 
or  DLL  conflicts.  Applica¬ 
tion  virtualization  lets  IT 
avoid  much  of  the  regres¬ 
sion  testing  otherwise  re¬ 
quired  to  create  a  reliable 
desktop  system  image.  It 
also  lets  older  applications 
to  run  on  a  newer  version 
of  Windows  and  can  allow 
two  versions  of  the  same 
application  to  run  side  by 
side. 

In  the  future,  this  capa¬ 
bility  may  be  integrated 
into  Windows  itself,  says 
Natalie  Lambert,  an  ana¬ 
lyst  at  Forrester  Research. 


She  predicts  that  Micro¬ 
soft  will  roll  its  Softricity 
technology  into  the  next 
release.  It  will  become  the 
ultimate  work-around  for 
the  problem  of  misbehav¬ 
ing  applications,  and  the 
standard-bearer  for  all 
future  deployments  of 
Windows  applications. 

“Three  years  from  now, 
every  [Windows]  applica¬ 
tion  will  be  virtualized,” 
she  says. 

Once  you  choose  the 
right  tools,  there’s  the 
question  of  how  to  manage  | 
them.  Today,  you  do  that 
piecemeal  —  even  within 
a  single  vendor’s  product 
line.  VMware’s  Virtual 
Desktop  Manager  works 
for  hosted  VDI  environ¬ 
ments,  for  example,  but 
you’ll  need  a  different  tool 
for  those  VMware  ACE 
environments,  and  another  j 
for  Thinstall,  the  virtual-  J 
ization  software  that  VM¬ 
ware  recently  acquired. 

Other  vendors  have  their 
own  tools,  of  course. 

But  don’t  let  that  stop 
you.  As  with  server  virtu¬ 
alization,  the  enterprise- 
class  tools  will  evolve  as 
users  climb  the  adoption 
curve.  In  the  meantime, 
the  ability  to  abstract  the 
corporate  work  environ¬ 
ment  away  from  the  vaga¬ 
ries  of  the  underlying  PC 
hardware  and  host  operat¬ 
ing  system  —  and  to  keep 
squabbling  applications 
apart  —  makes  for  a  com¬ 
pelling  business  case.  ■ 

Robert  L.  Mitchell  is  a 
Computerworld  national 
correspondent.  Contact 
him  at  Robert_Mitchell@ 
computerworld.com. 
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1-800-IT-FINDS  •  www.dtsearch.com 
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Too  Many  Chiefs 


Back  in  the  mid-’BOs,  the  title  of  CIO  was  an  unusual  new 
addition  to  the  business  hierarchy  that  often  needed  to  be 
spelled  out  for  people.  But  today,  according  to  an  article  in  online 
business  journal  Knowledge@Wharton,  from  the  University  of 
Pennsylvania's  Wharton  School,  there  has  been  an  explosion  of 
C-level  titles  in  corporate  America.  Expanding  from  the  relatively 
tame  chief  innovation  officer,  chief  privacy  officer  and  chief 
marketing  officer,  the  chiefs  have  taken  titles  as  exotic  as  chief 
reputation  officer,  chief  blogging  officer,  chief  customer  insights 
officer,  chief  sustainability  officer  and  even  chief  apology  officer. 

Can  there  possibly  be  enough  Indians  to  justify  all  these  chiefs? 

Wharton  management  professor  Sarah  Kaplan  says  com¬ 
panies  bestow  such  titles  “to  signal  the  importance  of  that 
particular  issue  to  the  corporation.  So  you  have  a  chief  diver¬ 
sity  officer  because  the  company  realizes  that  diversity  is  an 
important  initiative.  And  the  way  to  signal  that  is  to  create  a 
C-level  job  to  implement  it.” 

But  Betsey  Stevenson,  professor  of  business  and  public  poli¬ 
cy  at  Wharton,  has  a  different  read  on  the  C-level  explosion.  She 
suggests  that  some  of  these  chiefs  may  be  “the  same  ones  who, 
as  students,  pushed  for  A’s  and  caused  grade  inflation.  Now  they 
are  making  it  into  the  corporate  world,  and  they  want  big  titles.” 

-  KATHLEEN  MELYMUKA 
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Laugh,  and  Your  Manager  Laughs  With  You 


How  important  do  you  think  Does  your  manager  have  a 
it  is  for  managers  to  have  a  good  sense  of  humor? 

sense  of  humor? 
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10% 

know / 
no  answer:  3% 


Not  at  all  im¬ 
portant:  3% 


Business  Meets 
Academia 


»>  How  U.S.  colleges  and  universities  are  working  with 
the  private  sector  to  develop  next-generation  IT  leaders 


■  School:  Creighton  Universi¬ 
ty’s  College  of  Business  Admin¬ 
istration,  Omaha 

■  Number  of  degrees 
awarded  in  spring  2007: 
B.S.  in  MIS:  12;  B.S.  in  computer 
science  (from  the  College  of 
Arts  &  Sciences):  7;  M.S.  in  IT 
management:  4;  dual  MBA / 
M.S.-ITM  degrees:  4 

■  Does  it  have  an  IT  ad¬ 
visory  council?  The  College 
of  Business  Administration 
has  a  Dean’s  Advisory  Council 
consisting  of  business  leaders  in 
the  Omaha  area,  says  Associate 
Dean  Ravi  Nath,  who  is  also  the 
Jack  and  Joan  McGraw  En¬ 
dowed  Chair  in  IT  management. 
The  group  meets  formally  twice 
a  year,  in  addition  to  offering  on¬ 
going  feedback  on  the  college's 
IT  and  business  curricula,  says 
Nath.  The  college  also  solicits 
input  from  area  employers  where 
students  are  involved  in  intern¬ 
ships,  Nath  says. 

■  IT  executive  feedback 
that  has  helped  amend  the 
curriculum:  Omaha-area  ex¬ 
ecutives  say  they're  constantly 
looking  for  students  with  leader¬ 
ship  skills,  says  Nath.  So  five 
years  ago,  the  College  of  Busi¬ 


ness  Administration  launched 
a  three-year  extracurricular 
leadership  program  for  students 
entering  their  sophomore  year. 
Participants  must  take  part  in  10 
activities,  including  “shadowing” 
an  Omaha-area  executive  in  the 
workplace  and  writing  a  paper 
on  leadership,  says  Nath. 

In  addition,  three  years 
ago  the  college  developed  a 
course  on  mobile  and  wireless 
technologies  that  was  based 
on  input  received  from  Omaha 
executives,  he  says. 

The  university  also  encourag¬ 
es  students  to  work  on  projects 
for  nonprofit  businesses  and  or¬ 
ganizations.  Under  a  partnership 
the  college  formed  five  years 
ago  with  the  Nonprofit  Associa¬ 
tion  of  the  Midlands  in  Omaha, 
teams  of  two  or  three  students 
are  involved  in  semesterlong  IT 
projects  that  could  include  de¬ 
signing  a  Web  site  or  cleansing 
data  from  a  database,  says  Nath. 
The  program  is  part  of  their 
coursework,  and  the  students 
are  graded  on  their  efforts. 

“It’s  been  a  very  good  part¬ 
nership  for  us  and  for  our  IT 
students,"  says  Nath. 

-THOMAS  HOFFMAN 


PAGE  COMPILED  BY  JAMIE  ECKLE. 


Co-Branded 

EMAIL 

BLASTS 


Reach  your  target  audience 
of  professional  IT  job  seek¬ 
ers  with  Computerworld’s 
Co-Branded  Email  Blasts. 
This  unique  program  allows 
you  to  choose  your  criteria 
of  100%  opt-in  subscribers 
by  geography,  company 
size,  job  title  and  industry. 

Call  Laura  Wilkinson  at 
800-762-2977  for  details! 

COMPUTERWORLD 


IT  careers 


What  if  health  care  could  be  different?  And  what  if  you  could  help  make  it 
different  every  day?  At  Regence,  we're  striving  to  transform  health  care  from 
the  inside  out.  It's  a  mission  we  passionately  uphold,  and  one  that  guides 
every  decision  we  make.  And  we  seek  the  visionary,  driven  individuals  bold 
enough  to  chart  the  future  with  us. 

We  currently  have  an  outstanding  opportunity  for  a  dedicated  IT  professional 
in  Portland! 

SECURITY  ARCHITECT  •  Portland,  OR 

In  this  senior  role,  you  will  make  an  impact  every  day  by  using  your  vision  to 
define  and  implement  security  architecture  and  policy  for  our  7  billion  dollar 
health  care  company.  Through  regular  interactions  with  our  engineers, 
developers  and  Quality  Assurance  teammates,  you  will  accomplish  key 
responsibilities,  including  charting  and  overseeing  implementation  of  our 
security  posture.  Qualified  applicants  will  possess  their  Master’s  Degree, 
10+  years  experience  and  CISSP  certification.  Relocation  assistance  is 
provided.  For  a  complete  job  description  and  to  apply  online,  please  visit: 

www.regence.com/careers  &  apply  to  Job  #16189. 

We  offer  a  competitive  salary  and  generous  benefits  package.  We  are  an 
equal  opportunity  employer  dedicated  to  workforce  diversity  and  a  drug- 
and  smoke-free  workplace.  Drug  screening  and  background  check  required. 

For  other  exciting  IT  opportunities  such  as:  MGR  Release  Management 
#15903;  Mgr  Server  Systems  (1200  Servers,  300+  Terabytes)  #16079; 
Director  Core  Applications  Development  #16115;  search  online  at: 

regence.com/careers 

Take  charge  of  your  career. 

Regence 

The  Regence  Group  is  an  Independent  Licensee 
of  the  Blue  Cross  and  Blue  Shield  Association 


Juniper  Networks  in 

Westford,  MA  is 
currently  recruiting  for: 

Staff  Engineer 
#4315:  Design  and  imple¬ 
ment  features  for  company 
router  forwarding  engines. 

Mail  resume  with 
job  code  #  to 
Attn:  MS  A3.1. 1.200. 

Juniper  Networks 
1194  N.  Mathilda  Avenue 
Sunnyvale,  CA  94089 


Didn’t  find  the 
IT  career 
that  you  were 
looking  for? 


Check  back  with  us  weekly 
for  fresh  listings  placed 
by  top  companies 
looking  for  skilled 
professionals  like  you! 


iTjcareers 


Ul  Lead  Designer  (UILD0108): 
Lead  team  to  define,  design  Ul 
utilizing  HTML,  CSS,  Adobe 
Design  Suites,  Java  Script, 
PHP;  identify,  implmnt  Ul  design 
patterns  to  increase  usability: 
perform  review;  review  interface 
design  changes  improve  user 
exp;  guide  team  in  design 
issues;  add  innovative  elements 
to  Ul  design;  resp  for  final  look  & 
feel;  train  team.  Req:  BS  or  for¬ 
eign  equiv  in  CS  /  Engg  /  Design 
/  Related  &  5  yrs  exp.  FT  Comp 
Salary.  Resume:  Vimo,  Inc., 
2513,  Charleston  Road,  Ste 
100,  Mountain  View,  CA  94043 


Java  Programmer  to  develop 
computer  and  web-based  sys¬ 
tems  to  create  business  soft¬ 
ware  solutions,  utilizing 
Java/J2EE.  Requires 

Bachelor’s  degree  in 
Computer  Science, 

Engineering,  Mathematics  or 
closely  related  field  or  its 
equivalent  in  education,  train¬ 
ing  and  experience.  Send 
resume  to:  Cindy  Parrish, 
Sigma-Aldrich  Corporation, 
3050  Spruce  Street,  St.  Louis, 
MO  63103.  EOE. 


OneNeck  IT  Services  Corp.  is 
seeking  a  qualified  applicant  for 
the  position  of  Baan  Software 
Engineer  for  its  Kansas  City, 
Missouri  location.  Please  sub¬ 
mit  resumes  to:  Deborah 
Hertle/Human  Resources 
Director,  OneNeck  IT  Services 
Corp.,  5301  N.  Pima  Road, 
Suite  100,  Scottsdale,  AZ 
85250  or  visit  our  website  at: 
www.oneneck.com. 


Landworks,  Inc.,  Houston,  TX 
seeks  qualified  Sr.  GIS 
Developer  to  design  &  develop 
commercial  software  products 
to  run  an  extension  of  ArcGIS 
desktop  &  ArcGIS  Server, 
Geographic  Information 
System  (GIS)  technologies. 
Develop  GIS  solutions. 
Master's  in  Computer  plus 
experience.  Fax  resume  to  L. 
Bramwell  at  713-334-3828.  Put 
job  code  SGIS  on  resume. 
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TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


Dude! 

Sysadmin  pilot  fish  is  sitting 
in  his  office  one  morning 
when  a  system  operator 
strolls  in  and  comments, 
“Dude,  the  computer’s  on 
fire.”  What?!?  says  fish. 
“Yeah,  man,  it’s  really  on 
fire.”  Reports  fish,  “I  bolted 
into  the  control  room.  Sure 
enough,  the  cooling  fan  was 
billowing  smoke  out  the  back 
of  a  desktop  PC.  I  quickly 
yanked  the  power  cord  and 
the  fan  stopped  blowing 
smoke.  But  I  think  that  system 
operator  definitely  overdid  it 
in  high  school.” 

Neatnik 

It’s  a  few  years  back,  and  this 
exec  brings  his  Windows  98 
laptop  to  a  support  pilot  fish, 


complaining  that  it  won’t  boot. 
“  ‘Just  all  of  a  sudden,’  they 
always  say,”  fish  grumbles. 

“I  power  it  up,  and  it  self¬ 
tests  OK  but  then  quickly 
complains  that  it  can’t  find 
the  msdos.sys  file.  From  a 
command  prompt,  I  perform 
a  directory  search  for  msdos. 
sys.  Lo  and  behold,  it’s  there: 
c:\junk\msdos.sys  -  along 
with  other  files  like  io.sys, 
boot.ini,  autoexec.bat.  I  asked 
how  his  system  files  ended  up 
in  a  folder  called  ‘Junk.’  He 
said  he  got  tired  of  looking  at 
them  and  made  a  junk  folder 
for  them.” 

Fine  Whine 

Upscale  user  buys  a  pricey 
PC  and  a  few  days  later  brings 
the  keyboard  back  to  this  pilot 


fish  because  it’s  not  working 
-  and  he  knows  why.  “He  was 
chagrined  that  he  had  spilled 
a  glass  of  wine  in  it,”  says 
fish.  “But  he  added  quite  em¬ 
phatically,  ‘But  it  was  a  good 
wine!”’ 

Not  Dead  Yet 

Computer  shop  pilot  fish 
builds  a  new  computer  for  a 
customer,  installs  the  operat¬ 
ing  system  and  updates,  and 
sends  it  on  its  way.  “Three 
days  later,  I  got  a  call  from  my 
supervisor,”  fish  says.  “Ap¬ 
parently,  I  sold  the  customer 
a  DOA  machine,  and  I  was 
about  to  get  reprimanded. 

She  was  in  the  showroom  and 
furious  that  I  sold  her  a  dead 
machine.  She  said,  ‘It  won’t 
even  turn  on.  Did  you  even 
test  it?’  I  then  proceeded  to 
plug  in  the  computer  and  she 
yelled  at  me,  ‘Wait!  What  are 
you  doing?’  I  replied,  ‘Plug¬ 
ging  it  in.’  She  said,  ‘Oh,  that 
gray  thing  isn’t  a  battery?’  I 
very  politely  replied,  ‘The  bat¬ 
tery  has  to  be  charged.’  ” 


That’s  What  It’s  For 

User  asks  pilot  fish  to  restore 
an  e-mail  that’s  been  deleted 
from  a  shared  group  mailbox. 
“They  need  the  e-mail  that 
had  a  spreadsheet  attached,” 
says  fish.  “We  go  through  all 
the  work  of  restoring  a  mail 
store  just  to  get  this  mailbox 
so  we  can  restore  one  e-mail. 
After  the  restore,  we  tell  the 
user  that  they  should  save 
the  spreadsheet  to  the  shared 
file  folder,  since  that’s  a  more 
logical  place  to  be  using  a 
spreadsheet  from.  User  says, 
‘Oh  -  we  can  do  that?’  ” 

■  You  can  do  this:  Send  me 
your  true  tale  of  IT  life  at 
sharky@computerworld.com. 
I’ll  send  you  a  stylish  Shark 
shirt  if  I  use  it. 


©  DO  YOU  LOVE  SHARK  TANK? 

Then  you  might  like  Shark  Bait.  _ ^ 

Dive  in  and  dish  the  dirt 
with  like-minded  IT  pros: 

sharkbait.computerworld.com. 

O  CHECK  OUT  Sharky’s  blog,  browse  the 
Sharkives  and  sign  up  for  Shark  Tank  home 
delivery  at  computerworld.com/sharky. 
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Pick  a  Winner 


ELL,  THAT  was  quick.  Last  week,  consumer 
electronics  giant  Toshiba  announced  it  was 
pulling  the  plug  on  its  high-definition  video 
disc  format,  HD  DVD.  Within  days,  Toshiba’s 
partners  announced  that  they  were  now  Blu-ray  shops,  and 
HD  DVD  players  and  movies  were  reduced  to  fire-sale  prices. 


In  corporate  IT,  at  least 
vendors  pretend  they’ll 
support  loyal  customers 
for  a  while. 

Not  so  in  the  murder¬ 
ously  competitive  con¬ 
sumer  market.  Blu-ray 
backers  Sony  and  Pioneer 
and  HD  DVD  supporters 
Toshiba  and  Microsoft 
paid  movie  studios  to 
choose  their  formats  and 
used  promotions  and  dis¬ 
counts  to  keep  products 
moving  through  retailers. 
But  just  weeks  after  one 
studio  walked  away  from 
HD  DVD,  whole  product 
lines  from  multiple  ven¬ 
dors  were  gone. 

Whew! 

Of  course,  we  in  IT 
pick  technologies  all  the 
time.  We  have  some  good 
rules  of  thumb  for  choos¬ 
ing  winners.  We’d  never 
have  been  fooled  by  a 
loser  like  HD  DVD,  right? 

Well . . .  maybe.  But 
consider: 

HD  DVD  was  first  to 
market.  Blu-ray  was  de¬ 
veloped  first,  and  Sony 
showed  prototypes  in 


2000.  But  Toshiba  got 
its  first  products  out  in 
April  2006,  whereas  the 
first  Blu-ray  discs  weren’t 
available  until  June. 

HD  DVD  players  and  mov¬ 
ies  outsold  Blu-ray  right 
out  of  the  gate.  In  fact, 

HD  DVD  sold  more  discs 
than  Blu-ray  every  month 
for  the  first  six  months 
the  two  formats  were 
both  available. 

HD  DVDs  were  more  com¬ 
patible  with  regular  DVDs. 
They  used  the  same  file 
systems  as  regular  DVDs 
and  could  be  produced 
by  manufacturers  with 
the  same  equipment  used 
to  make  regular  DVDs. 
Blu-ray  discs  didn’t  and 
couldn’t. 

HD  DVD  players  were 
cheaper  —  at  the  low  end, 
less  than  half  the  price 
of  Blu-ray  players.  Discs 
cost  about  the  same  for 
both  formats. 

■  The  difference? 
Two  words: 
installed  base. 


HD  DVD  was  backed  by 
Microsoft,  which  offered 
an  HD  DVD  drive  as  an 
option  for  its  Xbox  360 
game  console. 

Blu-ray  looked  like  Beta- 
max  all  over  again.  In  the 
videotape  format  wars 
of  the  1970s,  the  cheaper 
VHS  format  stomped  all 
over  Sony’s  technically 
superior  Betamax.  And 
past  failure  is  a  good  in¬ 
dicator  of  future  catastro¬ 
phe,  isn’t  it? 

Not  this  time.  Some¬ 
how,  all  those  rules  of 
thumb  didn’t  point  to  a 
winner. 

What  made  the  dif¬ 
ference  for  Blu-ray?  Two 
words:  installed  base. 
Sony  built  a  Blu-ray 
player  into  every  Play¬ 
Station  3  it  sold,  starting 
in  November  2006. 

Sony  shipped  three 
times  as  many  Blu-ray- 
equipped  consoles  as 
Microsoft  shipped  HD 
DVD  drives.  For  Blu-ray, 
the  game  machine  was  its 
killer  application. 

In  December  2006, 


Blu-ray  movies  outsold 
HD  DVD  for  the  first 
time.  HD  DVD  was  never 
ahead  again.  Despite  big 
financial  incentives  (HD 
DVD  backers  report¬ 
edly  paid  $150  million  to 
convince  Paramount  and 
DreamWorks  to  go  HD 
DVD -only),  movie  stu¬ 
dios  and  retailers  began 
shifting  to  Blu-ray. 

And  when  Warner 
Home  Video  made  a 
surprise  announcement 
at  this  year’s  Consumer 
Electronics  Show  that 
it  was  going  exclusively 
Blu-ray,  Toshiba  canceled 
its  HD  DVD  press  confer¬ 
ence  at  the  show.  Within 
weeks,  it  was  all  over  for 
HD  DVD. 

Would  you  have  seen 
that  coming?  If  you  just 
counted  up  the  rules  of 
thumb  on  each  side,  HD 
DVD  should  have  won 
hands  down. 

So  next  time  you  pull 
out  your  rules  of  thumb 
to  evaluate  technology, 
remember:  First-to- 
market  is  good.  So  are 
strong  early  sales,  legacy 
compatibility,  lower  price 
and  a  big  wet  kiss  from 
Microsoft. 

But  a  killer  app  with 
a  bigger  installed  base? 
That’s  what  Blu  them  all 
away.  ■ 

Frank  Hayes  is  Computer- 
world’s  senior  news 
columnist.  Contact  him 
at  frank_hayes@ 
computerworld.com. 
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Innovations  by  InterSystems 


Embed  competitive  advantages. 


To  make  database  applications  more  valuable,  embed  InterSystems  Cache®  -  the  object  database 
that  runs  SQL  faster  than  relational  databases  -  and  enjoy  higher  speed  and  scalability  while 
lowering  hardware  and  administration  requirements.  Or,  for  applications  that  have  to  link  with 
multiple  systems  and  processes,  embed  InterSystems  Ensemble®.  Your  applications  will  become 
connectable,  and  you’ll  be  able  to  rapidly  enhance 
them  with  a  rich  Web  interlace,  adaptable  work- 
flow,  rules-based  business  processes,  and  other 
new  features  -  without  rewriting. 
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Applications 

More 

Valuable 

Download  a  free,  frilly  functional  copy  of  Cache,  or  see  a  demonstration  of  Ensemble,  at  InterSystems.com/Freel5A 
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Dell  PowerEdge  M600  Blade  System 

1  BOX 

SETUP:  14  minutes,  13  seconds 


—  vs 


HP  BladeSystem  c-Class 

78  BOXES 

SETUP:  3  hours,  13  minutes,  15  seconds 


